Strike ID:
E13-3u501
CVSS:
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2013

Description

This strike exploits a vulnerability in Novell's Messenger Client where a malformed href response refers to a file that doesn't exist and the resulting error message can clobber a stack buffer.

CVE

OSVDB

91477