Intrusion Prevention



This indicates an attempt to exploit a heap overflow vulnerability in Borland StarTeam 2008.
The vulnerability is caused by an error in the deserialization function (tmsg50.dll). It can occur while processing malformed "PROJECT_LOGIN" and "SET_SERVER_ACL" commands. It allows remote attackers to execute arbitrary code via a crafted request.

Affected Products

Borland StarTeam 2008 version and prior.


System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.