Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
2009-11-04T17:30:00.343
2025-04-09T00:30:58.490
Deferred
CVSSv2: 6.9 (MEDIUM)
AV:L/AC:M/Au:N/C:C/I:C/A:C
3.4
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | safenet-inc | softremote | ≤ 10.8.8 | Yes |
| Application | safenet-inc | softremote | 1.7.1 | Yes |
| Application | safenet-inc | softremote | 1.7.2 | Yes |
| Application | safenet-inc | softremote | 1.7.7 | Yes |
| Application | safenet-inc | softremote | 1.8.1 | Yes |
| Application | safenet-inc | softremote | 1.9.0 | Yes |
| Application | safenet-inc | softremote | 10.3.5 | Yes |
| Application | safenet-inc | softremote | 10.7.7 | Yes |
| Application | safenet-inc | softremote | 10.8.0 | Yes |
| Application | safenet-inc | softremote | 10.8.1 | Yes |
| Application | safenet-inc | softremote | 10.8.2 | Yes |
| Application | safenet-inc | softremote | 10.8.3 | Yes |
| Application | safenet-inc | softremote | 10.8.4 | Yes |
| Application | safenet-inc | softremote | 10.8.5 | Yes |
| Application | safenet-inc | softremote | 10.8.6 | Yes |
| Application | safenet-inc | softremote | 10.8.7 | Yes |