Signature Detail
Short Name |
HTTP:AUDIT:LENGTH-OVER-8192 |
|---|---|
Severity |
High |
Recommended |
No |
Category |
HTTP |
Keywords |
URL Length Over 8192 Bytes |
Release Date |
2009/01/16 |
Update Number |
1352 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: URL Length Over 8192 Bytes
This protocol anomaly triggers when it detects an HTTP URL that exceeds 8192 bytes in length. While fairly rare, this is not necessarily an indication of an attack.
Extended Description
The Macromedia JRun IIS ISAPI handler is prone to a remotely exploitable buffer overrun condition. The issue is due to a lack of bounds checking on requested filenames. It is possible to trigger the overrun if a filename of excessive length is requested. This vulnerability has been reported to affect Microsoft Windows operating systems. Other platforms may not be affected by this issue.
Affected Products
- Macromedia ColdFusion Server MX 6.0.0
- Macromedia JRun 3.0.0
- Macromedia JRun 3.1.0
- Macromedia JRun 4.0.0
References
- BugTraq: 67777
- BugTraq: 6122
- CVE: CVE-2014-3913
- CVE: CVE-2012-3544