VULHUB ™

Cerberus Information Security Advisory (CISADV000525) - The Cerberus Security Team has found a remotely exploitable buffer overrun in two executables that come with PDGSoft's Shopping Cart. Redirect.exe and changepw.exe are both accessable over the web to all users. If supplied an overly long query string both will overflow an internal buffer overwriting the saved return address.

Cerberus Information Security Advisory (CISADV000525) - The Cerberus Security Team has found a remotely exploitable buffer overrun in two executables that come with PDGSoft's Shopping Cart. Redirect.exe and changepw.exe are both accessable over the web to all users. If supplied an overly long query string both will overflow an internal buffer overwriting the saved return address.