Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote malicious users to execute arbitrary code via a long URL (PATH_INFO value).
source: wwwsecurityfocuscom/bid/8547/info
FoxWeb is prone to a remotely exploitable buffer overrun vulnerability This is due to insufficient bounds checking of user-supplied PATH_INFO data to the Foxweb CGI and ISAPI extension Successful exploitation would permit a remote attacker to execute arbitrary code in the context of the software ...