Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: stake advisories (stake)
Date: Fri Apr 13 2001 - 15:29:51 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Security Advisory Notification
Advisory Name: Netscape SmartDownload Overflow
Release Date: 04/13/2001
Application: Netscape SmartDownload 1.3
Platform: Microsoft Windows
Severity: An attacker can execute arbitrary code on the system
running Smart Download.
Author(s): Frank Swiderski (fesatstake.com)
Vendor Status: Vendor has updated version of program
Netscape SmartDownload is a browser plugin that allows users to pause and
resume downloads from the Internet. It can be installed separately, or
when installing Netscape's Communicator. If enabled, SmartDownload can
handle downloads spawned by both Netscape and Microsoft Internet
Explorer, possibly others. However, if SmartDownload was installed and
subsequently "disabled," the system will still be vulnerable to attack.
SmartDownload parses all URLs that the web browser accesses. As part
of the parsing, it copies the file requested using an unbounded string
operation to a buffer on the stack, allowing a classic overwrite of the
saved instruction pointer, and potential execution of malicious code.
Because SmartDownload installs plugins for all browsers it supports by
default (which includes both Netscape Communicator and Microsoft Internet
Explorer), most users who have SmartDownload on their system are vulnerable
to this condition. Because SmartDownload parses all outgoing requests,
the condition can be exploited very easily, and does not always require
the user to click or actively request a link.
Vendor has an updated version, SmartDownload 1.4, which addresses this
problem. You can download the latest SmartDownload at:
** The advisory contains additional information. We encourage those
** effected by this issue to read the advisory.
** All vulnerablity database maintainers should reference the above
** advisory reference URL to refer to this advisory.
Copyright 2001 stake, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0
-----END PGP SIGNATURE-----