HTTPDX.Tolog.Format.String

Release Date

Jan 21, 2010

Severity

high

Impact

System compromise or denial of service

Description

This indicates a possible attack against a format string vulnerability in the HTTP service of the HTTPDX HTTP server.

The vulnerability is caused by the software's failure to properly handle specially crafted HTTP requests that contain format specifiers. A remote attacker may exploit it to cause memory corruption or execute arbitrary code.

Affected Products

HTTPDX server 1.5 and prior versions

Recommended Actions

Currently we are not aware of any officially supplied patch for this issue.

Coverage

IPS
VCM

Reference/s

http://www.vupen.com/english/advisories/2009/3312

Reference: VID-18099