Avirt Soho Web Service HTTP GET Buffer Overrun Vulnerability

Avirt Soho is prone to a remotely exploitable buffer overrun when handling HTTP GET requests of excessive length via the embedded web service component listening on TCP port 8080. This may crash the server or could allow for remote attackers to execute arbitrary code in the context of the server process.

This issue was reported in Avirt Soho 4.3. Other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus