Vignette · Vignette Storyserver · CVE-2003-0400
Name of the Vulnerable Software and Affected Versions:
Vignette StoryServer and Vignette V/5 (affected versions not specified)
Description:
The issue arises from improper calculation of the size of text variables, leading to Vignette returning unauthorized portions of memory. This can be demonstrated by using a specific string in a CookieName argument to the login template.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.