CVE-2012-0273

Name of the Vulnerable Software and Affected Versions MinaliC version 2.0.0

Description The issue allows remote attackers to execute arbitrary code due to multiple stack-based buffer overflows. This can occur through a session id cookie in a request to the get cookie value function in response.c, a directory name in a request to the add default file function in response.c, or a file name in a request to the retrieve physical file name or brows function in response.c.

Recommendations For MinaliC version 2.0.0, as a temporary workaround, consider disabling the get cookie value, add default file, and retrieve physical file name or brows functions until a patch is available. Restrict access to the response.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.