SynCE 'vdccm' Daemon Remote Command Injection Vulnerability

SynCE is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary commands in the context of the application, facilitating the remote compromise of affected computers.

SynCE 0.92 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus