Title: ispVM System Boundary Error Multiple Tag Value XCF File Handling Remote Overflow
May 16, 2012
ispVM System is prone to an overflow condition. This issue is triggered by a boundary error when parsing XCF files, resulting in a stack-based buffer overflow. With an overly long value in the device's <Name> XML tag or an overly long version value within the <ispXCF> XML tag, a context-dependent attacker can potentially execute arbitrary code.
Local / Remote,
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.