Signature Detail
Short Name |
HTTP:EASYLAN-REG-BOF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Easy LAN Folder Share .reg FIle Parsing Buffer Overflow |
Release Date |
2013/11/11 |
Update Number |
2318 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Easy LAN Folder Share .reg FIle Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Easy LAN Folder Share. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Extended Description
Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in the (1) registration code field in the activate license window or the (2) HKLM\SOFTWARE\MostGear\EasyLanFolderShare_V1\License registry key. NOTE: it is not clear from the original report whether this issue crosses privilege boundaries. If not, then it should not be included in CVE.
Affected Products
- mostgear easy_lan_folder_share 3.2.0.100
References
- CVE: CVE-2013-6079