Blog

Thursday 29 October 2009 - EMC & OpenText Hummingbird STR Service Stack Overflow Vulnerability

By Harmony Security

TippingPoint's Zero Day Initiative (ZDI) has published an advisory for a remote pre authentication stack buffer overflow vulnerability that leads to SYSTEM code execution in the Hummingbird STR Service. The vulnerable service is deployed by multiple vendor products, specifically EMC Documentum eRoom, OpenText Hummingbird and OpenText Search Server. This vulnerability was discovered by Stephen Fewer of Harmony Security.

You can read the full ZDI advisory here:
http://www.zerodayinitiative.com/advisories/ZDI-09-074/

Labels:

Comments: 0

 

 

Bookmark and Share