• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

TalentSoft Web+ WML Request Cookie Buffer Overflow Vulnerability

TalentSoft Web+ is an environment for developing web-based client/server applications. It will run on Microsoft Windows 9x/NT/2000 and Unix operating systems.

An exploitable buffer overflow has been discovered in Web+ when an oversized cookie is sent with a request for a WML file. This overflow could overwrite stack variables, including the return address, and be used to execute arbitrary code as the web server process. However, sending random data could cause the application to crash.