Intrusion Prevention

Borland.StarTeam.Server.Heap.Overflow

Description

This indicates an attempt to exploit a heap overflow vulnerability in Borland StarTeam 2008.
The vulnerability is caused by an error in the deserialization function in tmsg50.dll. The error can occur while the server processes malformed "PROJECT_LOGIN" and "SET_SERVER_ACL" commands, and it allows remote attackers to execute arbitrary code via a crafted request.

Affected Products

Borland StarTeam 2008 version 10.0.0.57 and prior.

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

We are currently not aware of any vendor-supplied patch for this issue.