Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiStephen Fewer of Harmony Security (www.harmonysecurity.com)ZDI-08-096
HistoryAug 14, 2008 - 12:00 a.m.

EMC ApplicationXtender Workflow Server Admin Agent Heap Overflow Vulnerability

2008-08-1400:00:00
Stephen Fewer of Harmony Security (www.harmonysecurity.com)
www.zerodayinitiative.com
17

EPSS

0.168

Percentile

96.1%

JSON

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC ApplicationXtender Workflow Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Admin Agent service (aws_tmxn.exe) which listens by default on TCP port 2606. The process receives network packet data into a static heap buffer. Exploitation allows remote attackers to corrupt heap memory subsequently leading to arbitrary code execution under the context of the SYSTEM user.

Related

cvelist 1
prion 1
cve 1
nvd 1
cvelist
cvelist
CVE-2008-3684
2009-10-22 15:26:00
prion
prion
Heap overflow
2009-10-22 16:00:00
cve
cve
CVE-2008-3684
2009-10-22 16:00:00
nvd
nvd
CVE-2008-3684
2009-10-22 16:00:00

EPSS

0.168

Percentile

96.1%

JSON
Related for ZDI-08-096
cvelist1prion1cve1nvd1