Info

Disclosure

Apr 12, 2006

Discovery

Dec 21, 2005

Dates

Exploit

Apr 12, 2006

Solution

Unknown

Description

A remote overflow exists in Amaya. The product fails to filter hostile input associated with the 'textarea rows' html attribute resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
OSVDB: Web Related

Solution

Upgrade to version 9.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Amaya Development Team	Amaya	9.4
		9.5

References

Bugtraq ID: 17507
Secunia Advisory ID: 19670
CVE ID: 2006-1900 (see also: NVD)
Related OSVDB ID: 24624
ISS X-Force ID: 25791
VUPEN Advisory: ADV-2006-1351
Keyword: BuHa Security-Advisory #10
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0245.html
Other Advisory URL: http://morph3us.org/advisories/20060412-amaya-94-2.txt
http://morph3us.org/advisories/20060412-amaya-94.txt
Vendor URL: http://www.w3.org/Amaya/

Credit

Thomas Waldegger - bugtraqmorph3us.org -

Direct URL: http://osvdb.org/24623

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Amaya Development Team

Amaya

References

Credit