A boundary condition condition exists in the General_ServerName property which by passing an overly long string, and then making a call to the InstallBrowserHelperDll() the data is then copied into a fixed length buffer, thereby overwriting the SEH.
Remote / Network Access,
Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
Patch / RCS
IBM has released a patch to address this issue, please see the references section for more information. Additionally, it is possible to correct the flaw by implementing the following workaround(s): set the killbit for the affected control.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.