Added: 07/14/2006
CVE: CVE-2004-1868
BID: 9978
OSVDB: 4583
eSignal is a tool which provides real-time financial and market information. Its main application, **WinSig.exe**
, services requests on port 80/TCP.
A buffer overflow vulnerability in eSignal allows remote attackers to execute arbitrary commands by sending a STREAMQUOTE element containing a large amount of data.
Upgrade to eSignal version 7.6 release 3, build 636a.
<http://archives.neohapsis.com/archives/bugtraq/2004-04/0056.html>
Exploit works on eSignal 7.6 Build 635.
Windows 2000
Windows XP