Short Name |
APP:BORLAND:STARTEAM-MPX-OF |
---|---|
Severity |
Major |
Recommended |
No |
Category |
APP |
Keywords |
Borland StarTeam MPX Overflow |
Release Date |
2012/11/15 |
Update Number |
2203 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit several known issues in Borland's StarTeam MPX server. A successful attack could result in arbitrary code execution or a denial of service.
Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of vulnerable server processes. These issues may facilitate the remote compromise of affected computers. Attackers may also trigger denial-of-service conditions. NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO SmartSocket DLL, but this has not been confirmed. We may update this BID as more information emerges. Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; other versions may also be affected.