WinProxy Subject to Arbitrary Code Execution

Blue Coat Systems' WinProxy SecureSuite contains critical vulnerabilities that could allow remote intruders to execute arbitrary commands or cause a Denial of Service (DoS) condition. A buffer overflow could occur when processing HTTP headers, and a heap overflow could occur when processing network traffic through the Telnet proxy. Both overflow conditions could allow a remote intruder to execute arbitrary commands. Errors when processing overly long HTTP requests could lead to a DoS. Blue Coat Systems released WinProxy 6.1a, which corrects these problems.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish