Sterling Trader Remote Stack Based Overflow Vulnerability
BID:51040
Info
Sterling Trader Remote Stack Based Overflow Vulnerability
| Bugtraq ID: | 51040 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2011-3842 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 13 2011 12:00AM |
| Updated: | Dec 13 2011 12:00AM |
| Credit: | Dmitriy Pletnev of Secunia Research |
| Vulnerable: |
Sterling Trader Sterling Trader 7.0.2 |
| Not Vulnerable: | |
Discussion
Sterling Trader Remote Stack Based Overflow Vulnerability
Sterling Trader is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly validate user-supplied input.
Attackers can exploit this issue to run arbitrary code within the context of the application. Failed exploit attempts may crash the affected application, denying service to legitimate users.
Sterling Trader 7.0.2 is vulnerable; other versions may also be affected.
Sterling Trader is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly validate user-supplied input.
Attackers can exploit this issue to run arbitrary code within the context of the application. Failed exploit attempts may crash the affected application, denying service to legitimate users.
Sterling Trader 7.0.2 is vulnerable; other versions may also be affected.
Exploit / POC
Sterling Trader Remote Stack Based Overflow Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Sterling Trader Remote Stack Based Overflow Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Sterling Trader Remote Stack Based Overflow Vulnerability
References:
References:
- Product Homepage (Sterling Trader)
- Sterling Trader Data Processing Buffer Overflow Vulnerability (Secunia)