CVE-2003-1165

Description

Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.

Affected products

brs / webweaver0.49_beta – 0.49_beta
brs / webweaver0.50_beta – 0.50_beta
brs / webweaver0.51_beta – 0.51_beta
brs / webweaver0.52_beta – 0.52_beta
brs / webweaver0.60_beta – 0.60_beta
brs / webweaver0.61_beta – 0.61_beta
brs / webweaver0.62_beta – 0.62_beta
brs / webweaver0.63_beta – 0.63_beta
brs / webweaver1.0.1 – 1.0.1
brs / webweaver1.0.2 – 1.0.2
brs / webweaver1.0.3 – 1.0.3
brs / webweaver1.0.4 – 1.0.4
brs / webweaver1.0.5 – 1.0.5
brs / webweaver1.0.6 – 1.0.6

References

MISChttp://www.securityfocus.com/archive/1/343111
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/13571
MISChttp://www.securityfocus.com/bid/8947