The SonicWall NetExtender NELaunchCtrl ActiveX control contains a stack buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
SonicWall NetExtender is an SSL VPN client that is implemented by using an ActiveX control. The NELaunchCtrl ActiveX control, which is provided by NELaunchX.dll, contains a stack buffer overflow in the AddRouteEntry() method.
Exploit code for this vulnerability is publicly available.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user on a vulnerable system.
Apply an update
This vulnerability was reported by Will Dormann of the CERT/CC. It was also independently discovered by lofi42.
This document was written by Will Dormann.
Date First Published: 2007-11-02
Date Last Updated: 2009-04-13 17:15 UTC