Release DateMay 27, 2010 |
Severityhigh |
ImpactSystem compromise: Remote attackers can gain control of vulnerable systems.Denial of service |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability in the Liquid XML Studio software.The vulnerability is caused by an error when the vulnerable software handles a specially crafted web page. It allows a remote attacker to execute arbitrary code. |
Affected ProductsLiquid Technologies LtXmlComHelp8 ActiveX Control 8.061970 and previous versionsLiquid XML Studio 8.061970 and previous versions |
Recommended ActionsUpgrade to version 8.10:http://www.liquid-technologies.com/ |
Coverage IPS
VCM |
Reference/shttp://secunia.com/advisories/38974/http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-012-liquid-xml-heap-overflow-0day/ |
