Short Name |
HTTP:STC:DL:INTELLITAMPER-CAT |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
IntelliTamper Catalog File Buffer Overflow |
Release Date |
2012/12/10 |
Update Number |
2209 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability in the IntelliTamper. A successful attack can lead to a buffer overflow and arbitrary remote code execution.
IntelliTamper is prone to a buffer-overflow vulnerability because the application fails to properly validate the size of user-supplied data before copying it into a fixed-sized buffer. This issue allows remote attackers to execute arbitrary machine code in the context of applications that use IntelliTamper. Failed exploit attempts will likely crash the application, denying service to legitimate users. IntelliTamper 2.07 and 2.08 are vulnerable; other versions may also be affected.