Intrusion Prevention

Cruiseworks.cws.EXE.doc.Parameter.Buffer.Overflow

Description

It indicates a possible exploit of a buffer overflow vulnerability in CruiseWorks.
CruiseWorks fails to validate input passed to the 'doc' parameter of the '/scripts/cruise/cms.exe' application.

Affected Products

Cruiseworks Cruiseworks 1.09.d
Cruiseworks Cruiseworks 1.09.c

Impact

The execution of arbitrary code on the system.

Recommended Actions

Upgrade to the latest version of CruiseWorks (1.09e or later), available from the CruiseWorks Web site.
http://www.kynos.co.jp/cruise/cws/home.shtml

CVE References

CVE-2006-5571

Other References

29763