An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud server to trigger this vulnerability.
2019-01-03T22:29:00.417
2024-11-21T04:06:29.697
Modified
CVSSv3.0: 9.0 (CRITICAL)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | webroot | brightcloud | * | Yes |