CVE-2003-0400 Information

Description

Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables which causes Vignette to return unauthorized portions of memory as demonstrated using the --\ string in a CookieName argument to the login template referred to as a \memory leak\ in some reports.

Reference

http://marc.info/?l=bugtraq&m=105405985126857&w=2 http://www.iss.net/security_center/static/12075.php http://www.s21sec.com/es/avisos/s21sec-018-en.txt http://www.securityfocus.com/bid/7684