Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote malicious users to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iss realsecure server sensor 7.0 |
||
iss realsecure server sensor 6.5 |
||
iss realsecure network sensor 7.0 |
||
iss realsecure desktop 7.0ebg |
||
iss realsecure guard 3.6ecb |
||
iss realsecure desktop 7.0ebh |
||
iss blackice pc protection 3.6ccf |
||
iss realsecure sentry 3.6ece |
||
iss realsecure desktop 3.6ebz |
||
iss blackice pc protection 3.6ccb |
||
iss realsecure sentry 3.6ecf |
||
iss realsecure server sensor 6.5 win sr3.4 |
||
iss realsecure guard 3.6ece |
||
iss realsecure server sensor 6.0 |
||
iss realsecure desktop 3.6ecd |
||
iss realsecure guard 3.6eca |
||
iss blackice pc protection 3.6cbz |
||
iss blackice pc protection 3.6cce |
||
iss realsecure desktop 7.0ebj |
||
iss realsecure server sensor 6.5 win sr3.9 |
||
iss realsecure guard 3.6ebz |
||
iss blackice pc protection 3.6cca |
||
iss blackice agent server 3.6ecc |
||
iss realsecure sentry 3.6ebz |
||
iss realsecure desktop 3.6ecf |
||
iss realsecure desktop 3.6ecb |
||
iss realsecure guard 3.6ecd |
||
iss realsecure desktop 7.0eba |
||
iss realsecure sentry 3.6ecc |
||
iss realsecure server sensor 6.5 win sr3.5 |
||
iss blackice server protection 3.6ccb |
||
iss blackice agent server 3.6ecb |
||
iss realsecure server sensor 6.5 win sr3.7 |
||
iss realsecure desktop 7.0ebk |
||
iss blackice pc protection 3.6ccd |
||
iss realsecure server sensor 6.0.1 win sr1.1 |
||
iss realsecure desktop 7.0ebl |
||
iss blackice agent server 3.6ebz |
||
iss realsecure server sensor 6.5 win sr3.6 |
||
iss blackice agent server 3.6ece |
||
iss blackice server protection 3.6cce |
||
iss blackice pc protection 3.6ccc |
||
iss blackice server protection 3.6ccd |
||
iss realsecure guard 3.6ecf |
||
iss realsecure desktop 7.0ebf |
||
iss blackice server protection 3.6cca |
||
iss realsecure desktop 3.6ece |
||
iss blackice agent server 3.6ecd |
||
iss blackice agent server 3.6eca |
||
iss realsecure guard 3.6ecc |
||
iss realsecure server sensor 6.5 win sr3.1 |
||
iss realsecure sentry 3.6ecd |
||
iss blackice agent server 3.6ecf |
||
iss realsecure server sensor 6.5 win sr3.10 |
||
iss realsecure sentry 3.6eca |
||
iss realsecure server sensor 6.0.1 |
||
iss blackice server protection 3.6ccc |
||
iss blackice server protection 3.6cbz |
||
iss realsecure sentry 3.6ecb |
||
iss realsecure desktop 3.6eca |
||
iss blackice server protection 3.6ccf |
||
iss realsecure server sensor 6.5 win sr3.8 |
||
iss proventia m series xpu 1.5 |
||
iss proventia a series xpu 22.2 |
||
iss proventia g series xpu 22.5 |
||
iss proventia m series xpu 1.1 |
||
iss proventia m series xpu 1.8 |
||
iss proventia g series xpu 22.11 |
||
iss proventia a series xpu 22.9 |
||
iss proventia m series xpu 1.6 |
||
iss proventia a series xpu 22.3 |
||
iss proventia a series xpu 22.7 |
||
iss proventia g series xpu 22.4 |
||
iss proventia g series xpu 22.7 |
||
iss proventia a series xpu 22.8 |
||
iss proventia g series xpu 22.2 |
||
iss proventia a series xpu 22.1 |
||
iss proventia a series xpu 22.6 |
||
iss proventia g series xpu 22.8 |
||
iss proventia a series xpu 22.4 |
||
iss proventia g series xpu 22.3 |
||
iss proventia m series xpu 1.3 |
||
iss proventia a series xpu 20.11 |
||
iss proventia g series xpu 22.6 |
||
iss proventia a series xpu 22.10 |
||
iss proventia a series xpu 22.5 |
||
iss proventia g series xpu 22.1 |
||
iss proventia m series xpu 1.7 |
||
iss proventia m series xpu 1.2 |
||
iss proventia g series xpu 22.9 |
||
iss proventia m series xpu 1.9 |
||
iss proventia g series xpu 22.10 |
||
iss proventia m series xpu 1.4 |