Vulnerabilities > CVE-2008-7126 - Numeric Errors vulnerability in Microfocus Visibroker
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Borland VisiBroker Smart Agent 08.00.00.C1.03 Multiple Remote Vulnerabilities. CVE-2008-7126. Dos exploit for windows platform |
| id | EDB-ID:31330 |
| last seen | 2016-02-03 |
| modified | 2008-03-03 |
| published | 2008-03-03 |
| reporter | Luigi Auriemma |
| source | https://www.exploit-db.com/download/31330/ |
| title | Borland VisiBroker Smart Agent 08.00.00.C1.03 - Multiple Remote Vulnerabilities |
References
- http://aluigi.altervista.org/adv/visibroken-adv.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html
- http://osvdb.org/43057
- http://secunia.com/advisories/29213
- http://www.securityfocus.com/bid/28084
- http://www.vupen.com/english/advisories/2008/0748/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40978