BID:9708

Singularity Software Team Factor Integer Handling Memory Corruption Vulnerability

Info

Singularity Software Team Factor Integer Handling Memory Corruption Vulnerability

Bugtraq ID:	9708
Class:	Boundary Condition Error
CVE:	CVE-2004-0321
Remote:	Yes
Local:	No
Published:	Feb 20 2004 12:00AM
Updated:	Jul 12 2009 03:06AM
Credit:	The disclosure of this issue has been credited to Luigi Auriemma <[email protected]>.
Vulnerable:	Singularity Software Team Factor 1.25 m Singularity Software Team Factor 1.25

Not Vulnerable:

Discussion

Singularity Software Team Factor Integer Handling Memory Corruption Vulnerability

It has been reported that Team Factor may be prone to a memory corruption vulnerability that may allow remote attackers to cause a denial of service condition or possibly execute arbitrary code.

Team Factor versions 1.25 and prior are reported to be prone to this issue.

Exploit / POC

Singularity Software Team Factor Integer Handling Memory Corruption Vulnerability

Proof of concept code can be obtained from the following location:
http://aluigi.altervista.org/poc/tfboom.zip

Solution / Fix

Singularity Software Team Factor Integer Handling Memory Corruption Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

References

Singularity Software Team Factor Integer Handling Memory Corruption Vulnerability

References:

Team Factor Homepage (Singularity Software)