Buffer Overflow in SonicWALL SSL-VPN Product by SonicWALL
CVE-2010-2583

Currently unrated

Key Information:

Vendor

Sonicwall
Status
Ssl-vpn End-point Interrogator\/installer Activex Control
Vendor
CVE Published:
3 November 2010

What is CVE-2010-2583?

The SonicWALL SSL-VPN End-Point Interrogator/Installer contains a stack-based buffer overflow vulnerability in its ActiveX control. This flaw allows remote attackers to execute arbitrary code when they use excessively long parameters in the Install3rdPartyComponent method, particularly in the CabURL and Location arguments. Affected versions prior to 10.5.2 and pre-10.0.5 hotfix 3 are susceptible to this attack, posing significant risks for users who have not applied the necessary updates. Security measures should be implemented immediately to safeguard your network.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1024666
vdb-entryx_refsource_SECTRACK
http://secunia.com/secunia_research/2010-117/
x_refsource_MISC
http://www.securityfocus.com/archive/1/514561/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.