CVE-2007-2952

Name of the Vulnerable Software and Affected Versions Blue Coat K9 Web Protection version 3.2.44 with Filter 3.2.32

Description The issue concerns multiple stack-based buffer overflows in the filter service of Blue Coat K9 Web Protection. This can be exploited by remote attackers who send a long HTTP Referer header to the K9 Web Protection Administration interface, or by man-in-the-middle attackers who send an HTTP response with a long HTTP version field, allowing them to execute arbitrary code.

Recommendations For Blue Coat K9 Web Protection version 3.2.44 with Filter 3.2.32, consider restricting access to the filter service until a patch is available. As a temporary workaround, avoid using the K9 Web Protection Administration interface with untrusted HTTP Referer headers or HTTP responses with long version fields.