HTTP: Interactive Data eSignal Stack Buffer Overflow
A stack buffer overflow vulnerability exists in Interactive Data eSignal. The vulnerability is due insufficient validation of string lengths when copying input into a fixed size stack buffer in certain file types. A remote attacker could exploit this vulnerability by enticing the user to open a maliciously crafted file. Successful exploitation would lead to execution of arbitrary code in the security context of the target user.
Extended Description
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Affected Products
Interactivedata esignal
Short Name
HTTP:STC:DL:QUO-ESIGNAL-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2011-3494 Data Interactive Overflow Stack eSignal
Release Date
12/14/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Interactivedata
CVSS Score
10.0