This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a stack based buffer overflow vulnerability in Cytel StatXact application.
Cytel products provide statistical solutions.
Multiple Cytel products are prone to the following buffer-overflow vulnerabilities:
1. A heap-based buffer overflow occurs because of an integer-overflow error when parsing specially crafted '.cy3' and '.cyl' data files.
2. A stack-based buffer overflow occurs in the 'CeCEDll.dll' file when parsing specially crafted '.cy3' and '.cyl' data files.
2. A stack-based buffer overflow occurs when handling the 'USE' command of the '.cyb' files.
Successful exploits can allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
- Cytel Studio 9
- Cytel StatXact 9
- Cytel LogXact 9
- Cytel CrossOver 9
Vendor has not supplied any patches to resolve this issue. Please visit the vendor's website for further details.