Intrusion Prevention

Reprise.License.Manager.HTTP.Parameters.Parsing.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Stack based Buffer Overflow vulnerability in the Reprise License Manager.
The vulnerability is caused by an improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to execute arbitrary code in the context of the vulnerable application via a crafted HTTP request.

Affected Products

Reprise Software License Manager 11.3BL1 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue

CVE References

CVE-2015-6946

Other References

ZDI-15-412 ZDI-15-414 ZDI-15-416