Multiple buffer overflows in the Syslog server in ManageEngine EventLog Analyzer 6.1 allow remote attackers to cause a denial of service (SysEvttCol.exe process crash) or possibly execute arbitrary code via a long Syslog PRI message header to UDP port (1) 513 or (2) 514. Fixed in 7.2 Build 7020.
References
Configurations
Information
Published : 2011-09-27 12:55
Updated : 2020-03-26 07:15
NVD link : CVE-2010-4840
Mitre link : CVE-2010-4840
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
manageengine
- eventlog_analyzer