Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
A vulnerability in Celestial Software's Absolute Telnet 2.00 and 2.11 can lead to arbitrary execution of code on the vulnerable system.
February 11, 2003
Reported February 6, 2003, by KnudErik Højgaard.
VERSIONS AFFECTED
Absolute Telnet 2.00 and 2.11
DESCRIPTION
Avulnerability in Celestial Software's Absolute Telnet 2.00 and 2.11 can lead toarbitrary execution of code on the vulnerable system. This vulnerability is aresult of insufficient bounds checking in the code that sets the program's titlebar.
VENDOR RESPONSE
CelestialSoftware has released version 2.12 Release Candidate 10 (RC10),which isn't vulnerable to this condition.
CREDIT
Discoveredby Knud Erik Højgaard.
You May Also Like