Lucene search

K
saintSAINT CorporationSAINT:9D5EC89352217A66148A45E698C5330A
HistoryJul 14, 2006 - 12:00 a.m.

eSignal WinSig.exe buffer overflow

2006-07-1400:00:00
SAINT Corporation
www.saintcorporation.com
22

0.331 Low

EPSS

Percentile

97.1%

Added: 07/14/2006
CVE: CVE-2004-1868
BID: 9978
OSVDB: 4583

Background

eSignal is a tool which provides real-time financial and market information. Its main application, **WinSig.exe**, services requests on port 80/TCP.

Problem

A buffer overflow vulnerability in eSignal allows remote attackers to execute arbitrary commands by sending a STREAMQUOTE element containing a large amount of data.

Resolution

Upgrade to eSignal version 7.6 release 3, build 636a.

References

<http://archives.neohapsis.com/archives/bugtraq/2004-04/0056.html&gt;

Limitations

Exploit works on eSignal 7.6 Build 635.

Platforms

Windows 2000
Windows XP

0.331 Low

EPSS

Percentile

97.1%

Related for SAINT:9D5EC89352217A66148A45E698C5330A