A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling when calling strcpy_s() with an invalid parameter (i.e., a long src string parameter) as a part of processing a type 4 message sent to default TCP RequestPort 10200. Itβs been observed that ttmd.exe terminates as a result.
[
{
"product": "Trading Technologies Messaging",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Trading Technologies Messaging 7.1.28.3"
}
]
}
]