N/A

There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows SYSTEM account.

N/A

N/A

Flexense SyncBreeze Enterprise HTTP服务器缓冲区错误漏洞

Flexense SyncBreeze Enterprise是加拿大Flexense公司的一套文件同步工具。该工具具有文件管理和数据同步等功能。HTTP server是其中的一个HTTP服务器。 Flexense SyncBreeze Enterprise 10.1.16版本中的HTTP服务器存在缓冲区溢出漏洞。攻击者可借助较长GET请求利用该漏洞覆盖SHE记录并执行载荷。

N/A

N/A