swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yatsoft | switch_off | 1.3 |
| yatsoft | switch_off | 1.9 |
| yatsoft | switch_off | 1.0 |
| yatsoft | switch_off | 1.6 |
| yatsoft | switch_off | 2.0 |
| yatsoft | switch_off | 2.3 |
| yatsoft | switch_off | 1.4 |
| yatsoft | switch_off | 1.7 |
| yatsoft | switch_off | 2.2 |
| yatsoft | switch_off | 1.1 |
| yatsoft | switch_off | 1.5 |
| yatsoft | switch_off | 0.7 |
| yatsoft | switch_off | 1.8 |
| yatsoft | switch_off | 1.5.1 |
| yatsoft | switch_off | 1.2 |
| yatsoft | switch_off | 2.1 |
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yatsoft | switch_off | 1.3 |
| yatsoft | switch_off | 1.9 |
| yatsoft | switch_off | 1.0 |
| yatsoft | switch_off | 1.6 |
| yatsoft | switch_off | 2.0 |
| yatsoft | switch_off | 2.3 |
| yatsoft | switch_off | 1.4 |
| yatsoft | switch_off | 1.7 |
| yatsoft | switch_off | 2.2 |
| yatsoft | switch_off | 1.1 |
| yatsoft | switch_off | 1.5 |
| yatsoft | switch_off | 0.7 |
| yatsoft | switch_off | 1.8 |
| yatsoft | switch_off | 1.5.1 |
| yatsoft | switch_off | 1.2 |
| yatsoft | switch_off | 2.1 |