Code injection

2006-04-0610:04:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

93.0%

JSON

SMART SynchronEyes Student and Teacher 6.0, and possibly earlier versions, allows remote attackers to cause a denial of service (memory consumption) via a certain packet to the Teacher discovery port that causes SynchronEyes to connect to the attacker’s machine and read a value that is used as a parameter to malloc.

CPENameOperatorVersion
synchroneyesle6.0

CPE	Name	Operator	Version
	synchroneyes	le	6.0

References

secunia.com/advisories/19535

securitytracker.com/id?1015869

www.osvdb.org/24392

www.securityfocus.com/archive/1/429843/100/0/threaded

www.securityfocus.com/bid/17373

www.vupen.com/english/advisories/2006/1241

exchange.xforce.ibmcloud.com/vulnerabilities/25663