HTTP: Easy LAN Folder Share .reg FIle Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Easy LAN Folder Share. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Extended Description
Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in the (1) registration code field in the activate license window or the (2) HKLM\SOFTWARE\MostGear\EasyLanFolderShare_V1\License registry key. NOTE: it is not clear from the original report whether this issue crosses privilege boundaries. If not, then it should not be included in CVE.
Affected Products
Mostgear easy_lan_folder_share
References
CVE: CVE-2013-6079
Short Name
HTTP:EASYLAN-REG-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
.reg Buffer CVE-2013-6079 Easy FIle Folder LAN Overflow Parsing Share
Release Date
11/11/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Mostgear
CVSS Score
7.2