HTTP News Rover Remote Buffer Overflow

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in News Rover.

Additional Information

News Rover is a newsreader application available for Microsoft Windows.

News Rover is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Specifically, the application fails to handle 'nbz' files with arbitrarily long subject lines.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected application.

This issue affects version 4.1.0.1; other versions may also be affected.

Affected

  • S&H Computer Systems News Rover 12.1 RC1

Response

Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.