Reported April 17, 2002, by NGS Software.
Talentsoft’s Web+ 5.0 and 4.6 for IIS 5.0 and 4.0
DESCRIPTION A buffer overflow condition exists in Talentsoft’s Web+ 5.0 and 4.6 that can cause code
to execute on the vulnerable system under the system-security context. By requesting
a Wireless Markup Language (WML) file from a Web server and supplying an overly long cookie,
an attacker can cause the internal buffer to overflow and overwrite a saved return address on
Discovered by David Litchfield.