ERDAS ER Viewer 'rf_report_error()' Function Stack Buffer Overflow Vulnerability

ERDAS ER Viewer is prone to a stack-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.

ERDAS ER Viewer 13.0.1.1298 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus