Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote malicious users to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
working resources inc. badblue personal_1.7.3 |
||
microsoft foundation class library 7.0 |