Intrusion Prevention

FoxWeb.PATHINFO.Buffer.Overflow

Description

This indicates that an attacker attempted to exploit a buffer overflow vulnerability in FoxWeb. FoxWeb contains a buffer overflow vulnerability caused by insufficient bounds checking on the PATH_INFO variable to FoxWeb and the ISAPI extensions. A successful exploit could lead to arbitrary code execution.

Affected Products

FoxWeb FoxWeb 2.5

Impact

System compromise: remote code execution.

Recommended Actions

Apply the appropriate patch from the vendor or upgrade to a non-vulnerable version.

CVE References

CVE-2003-0762