Categorie: Vulnerability Posted: 2003-11-12 by ReCall Views: 397 Source: Click here
Current Rating: Not rated
Details
Description: A buffer overflow vulnerability was reported in Fujitsu's tsworks e-mail client. A remote user can cause arbitrary code to be executed in certain cases.
Secure Net Service (SNS) warned that there is a buffer overflow vulnerability in tsworks that may allow a remote user to execute arbitrary code on the target system.
A remote user can reportedly send an e-mail message with an attachment that contains an "unusually long" string of characters to a target user. Then, when the target user attempts to invoke the "Expand the Attachment" function, the buffer overflow will be triggered, according to the report.
Impact: A remote user can send an attachment that, when expanded by the target user, will execute arbitrary code on
the target user's computer. The code will run with the privileges of the target user.
Solution: The vendor has reportedly issued a fixed version (3.1), available at:
