The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable software. This CVE is to track an alternate exploitation method, utilizing an EIP-overwrite buffer overflow.
CPE | Name | Operator | Version |
---|---|---|---|
integard_home | ge | 2.2.0 | |
integard_home | lt | 2.2.0.9037 | |
integard_home | lt | 2.0.0.9037 | |
integard_pro | ge | 2.2.0 | |
integard_pro | lt | 2.2.0.9037 | |
integard_pro | lt | 2.0.0.9037 |