CVE-2007-3962

Name of the Vulnerable Software and Affected Versions: fsplib versions prior to 0.9

Description: The issue is related to multiple stack-based buffer overflows in the fsplib.c file. These overflows can occur in two scenarios: (1) when handling a long filename with the fsp readdir native function, especially when MAXNAMLEN is greater than 255, and (2) when processing a long d name directory field in the fsp readdir function. This could potentially allow remote attackers to execute arbitrary code.

Recommendations: For fsplib versions prior to 0.9, update to version 0.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the fsp readdir native and fsp readdir functions until a patch is available. Avoid using long filenames and directory names in the affected functions to minimize the risk of exploitation.