HNS MAIN FEED
Saturday, 01:37 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Multiple Vendor Hummingbird STR Service Buffer Overflow
09 November 2009
The Hummingbird STR service (STRsvc.exe) used in products by multiple vendors is exposed to a buffer overflow issue because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized memory buffer. The vulnerability arises in the "STRlib.dll" module when the application handles a packet containing an excessive amount of data. EMC Documentum eRoom versions 7.4.2 and earlier and Open Text Search Server version 6.0 and 6.1 are affected by this issue. OpenText Search Server 6.1 and OpenText Search Server 6.0 and EMC Documentum eRoom 7.4.1 are affected by this issue.
Ref: http://www.zerodayinitiative.com/advisories/ZDI-09-074/
09.45.1 - CVE: Not Available
Platform: Third Party Windows Apps
Ref: http://www.zerodayinitiative.com/advisories/ZDI-09-074/
09.45.1 - CVE: Not Available
Platform: Third Party Windows Apps