Intrusion Prevention

Borland.VisiBroker.Osagent.Exe.Code.Execution

Description

This indicates an heap overflow vulnerability in Borland VisiBroker.
The vulnerability is caused by an input validation error in Smart Agent (osagent.exe) while processing malformed "DSRequest" packet. It allows remote attackers to execute arbitrary code via a crafted request.

Affected Products

Borland VisiBroker version 08.00.00.C1.03 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2008-7127