Intrusion Prevention



Indicates a possible attempt to exploit a buffer overflow vulnerability in Mercantec SoftCart that may allow an attacker to execute arbitrary code on the system in the context of the hosting Web server by passing a long query string to SoftCart.exe.

Affected Products

Mercantec SoftCart 4.00.b and earlier versions.


System compromise, arbitrary code execution.

Recommended Actions

Upgrade to the latest version of Mercantec SoftCart.