9 lines
No EOL
584 B
Text
9 lines
No EOL
584 B
Text
source: http://www.securityfocus.com/bid/7296/info
|
|
|
|
It has been reported that Vignette StoryServer, under some circumstances may reveal stack memory content.
|
|
|
|
If a specially crafted request is made for a page that accepts user-supplied data an error state may be triggered. If the attack is successful a dump of the current stack contents will be returned to the attackers browser within an error message.
|
|
|
|
The information gathered in this way may be used to mount further attacks against the system.
|
|
|
|
https://www.example.com/securelogin/1,2345,A,00.html?Errmessage="x214>x214 |