Vulnerability Note VU#705958
HAHTsite Scenario Server fails to handle overly long URLs
HAHTsite Scenario Server fails to properly handle HTTP requests containing an overly long "project name".
HAHTsite Scenario Server is an e-Business platform that consists of a web application server and web development environment. There is a buffer overflow vulnerability in the way HAHTsite Scenario Server processes incoming HTTP requests. By supplying a specially crafted HTTP request containing an overly long "project name", a remote, unauthenticated attacker could cause the HAHTsite Scenario Server process to crash or potentially execute code of the attacker's choice.
A remote, unauthenticated attacker could cause the HAHTsite Scenario Server process to crash or potentially execute code of the attacker's choice.
HAHT has published a fix to address this issue. For information on obtaining this fix, please refer to HAHT Knowledge Base Article ID: 20030010.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|HAHT Commerce||Affected||-||12 Apr 2004|
CVSS Metrics (Learn More)
This vulnerability was reported by Dennis Rand.
This document was written by Damon Morda.
- CVE IDs: Unknown
- Date Public: 02 Apr 2004
- Date First Published: 14 Apr 2004
- Date Last Updated: 14 Apr 2004
- Severity Metric: 10.75
- Document Revision: 9
If you have feedback, comments, or additional information about this vulnerability, please send us email.