CVE-2009-0693 Information

Description

Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0101.html http://www.kb.cert.org/vuls/id/654545 http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/ http://www.wyse.com/serviceandsupport/Wyse20Security20Bulletin20WSB09-01.pdf