Short Name |
HTTP:MISC:EVIEWS-PRG-BO |
---|---|
Severity |
High |
Recommended |
No |
Category |
HTTP |
Keywords |
EViews .prg buffer overflow |
Release Date |
2012/12/12 |
Update Number |
2210 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability in EViews as it relates to PRG file handling. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.
EViews is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues by enticing an unsuspecting user to open a specially crafted 'WF1' or 'PRG' file. A successful attack will allow attacker-supplied code to run in the context of the application or cause a denial-of-service condition. EViews versions 7.0.0.1 and prior are affected.