Icinga Web Interface CVE-2013-7106 Multiple Unspecified Buffer Overflow Vulnerabilities

Icinga is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

Icinga 1.8, 1.9 and 1.10 are vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus