VULHUB ™

The Internet Security Systems (ISS) Protocol Analysis Module, included in multiple ISS products, is prone to a remotely exploitable heap overrun vulnerability. The issue exists in the SMB parsing routines provided by the module and is due to insufficient bounds checking of protocol fields. This issue could potentially be exploited to execute arbitrary code on systems hosting the vulnerable software, potentially resulting in system compromise.

The Internet Security Systems (ISS) Protocol Analysis Module, included in multiple ISS products, is prone to a remotely exploitable heap overrun vulnerability. The issue exists in the SMB parsing routines provided by the module and is due to insufficient bounds checking of protocol fields. This issue could potentially be exploited to execute arbitrary code on systems hosting the vulnerable software, potentially resulting in system compromise.