A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the diagnose sys cpuset
with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
CPE | Name | Operator | Version |
---|---|---|---|
fortiproxy | ge | 2.0.0 | |
fortiproxy | lt | 2.0.2 | |
fortiproxy | ge | 1.2.0 | |
fortiproxy | lt | 1.2.10 | |
fortiproxy | ge | 1.0.0 | |
fortiproxy | le | 1.0.7 | |
fortiproxy | ge | 1.1.0 | |
fortiproxy | le | 1.1.6 |