VULHUB ™

It has been reported that OmniCom winShadow client is prone to a remote buffer overflow condtion due to insufficient boundary checking. The issue is reported to exist in the process responsible for reading hostnames for the *.osh host files. An attacker may exploit this issue by passing an extra 250 bytes in the hostname parameter of the vulnerable process. Successful exploitation of this issue may allow an attacker to execute arbitrary code in the context of the client in order to gain unauthorized access to a vulnerable system. OmniCom winShadow version 2.0 has been reported to be prone to this issue, however other versions may be affected as well.

It has been reported that OmniCom winShadow client is prone to a remote buffer overflow condtion due to insufficient boundary checking. The issue is reported to exist in the process responsible for reading hostnames for the *.osh host files. An attacker may exploit this issue by passing an extra 250 bytes in the hostname parameter of the vulnerable process. Successful exploitation of this issue may allow an attacker to execute arbitrary code in the context of the client in order to gain unauthorized access to a vulnerable system. OmniCom winShadow version 2.0 has been reported to be prone to this issue, however other versions may be affected as well.