CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2009-4643
https://notcve.org/view.php?id=CVE-2009-4643
Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSERVICE_CMD_UNINSTALL command to the NeoterisSetupService named pipe. Desbordamiento de búfer basado en pila en dsInstallerService.dll de Juniper Installer Service, tal como es utilizado en Juniper Odyssey Access Client v4.72.11421.0 y otros productos, permite a atacantes remotos ejecutar código de su elección a través de una cadena de texto larga en un comando DSSETUPSERVICE_CMD_UNINSTALL mal formado a la tubería con nombre NeoterisSetupService. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=850 https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2009-10-540&viewMode=view • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •