xArrow Multiple Remote Denial of Service Vulnerabilities

Bugtraq ID:	52307
Class:	Unknown
CVE:	CVE-2012-2426 CVE-2012-2427 CVE-2012-2428 CVE-2012-2429
Remote:	Yes
Local:	No
Published:	Mar 05 2012 12:00AM
Updated:	May 24 2012 03:30PM
Credit:	ICS-CERT
Vulnerable:	xArrow xArrow 3.2 xArrow xArrow 0
Not Vulnerable:	xArrow xArrow 3.4.1

xArrow Multiple Remote Denial of Service Vulnerabilities

xArrow is prone to multiple remote denial-of-service vulnerabilities.

Successful exploits of these vulnerabilities will result in a denial-of-service condition. Due to nature of these issues, arbitrary code execution may also be possible.

xArrow 3.2 and prior versions are vulnerable.

xArrow Multiple Remote Denial of Service Vulnerabilities

The following example exploits are available:

• /data/vulnerabilities/exploits/52307.txt

xArrow Multiple Remote Denial of Service Vulnerabilities

Solution:
Updates are available. Please contact the vendor for more information.

xArrow Multiple Remote Denial of Service Vulnerabilities

References:

• ICS-ALERT-12-065-01 �??XARROW MULTIPLE VULNERABILTIES (US-CERT)
  
• xArrow Multiple Vulnerabilities (Luigi Auriemma)
  
• ICSA-12-145-02�??XARROW MULTIPLE SECURITY VULNERABILITIES (ICS-CERT)
  
• xArrow Homepage (xArrow)