Autodesk Backburner stack buffer overflow vulnerability in CVE-2016-2344)
Autodesk Backburner stack buffer overflow vulnerability in CVE-2016-2344)
Release date:
Updated on:
Affected Systems:
Autodesk Backburner 2016.0.0.2150
Description:
CVE (CAN) ID: CVE-2016-2344
Backburner is a network rendering management software.
In Backburner 2016 2016.0.0.2150 and earlier versions, Backburner manager.exe has the stack buffer overflow vulnerability. Remote attackers can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) by constructing commands.
<* Source: Alex Ondrick
*>
Suggestion:
Vendor patch:
Autodesk
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://knowledge.autodesk.com/support/3ds-max/troubleshooting/caas/CloudHelp/cloudhelp/2016/ENU/Installation-3DSMax/files/GUID-F6732A30-821C-4547-9FAA-E46BCA13392A-htm.html
Https://cwe.mitre.org/data/definitions/121.html
Https://knowledge.autodesk.com/support/3ds-max/troubleshooting/caas/sfdcarticles/sfdcarticles/Backburner-Network-Port-Configuration.html
Http://cve.mitre.org/cgi-bin/cvename.cgi? Name = CVE-2007-4749
Http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-008.txt
This article permanently updates the link address: