Description
Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports.
Exploits (2)
References (4)
Core 4
Core References
Vendor Advisory x_refsource_misc
http://www.s21sec.com/es/avisos/s21sec-018-en.txt
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/12075.php
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/7684
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105405985126857&w=2
Scores
EPSS
0.0511
EPSS Percentile
89.9%
Details
Status
published
Products (6)
vignette/content_suite
6.0
vignette/storyserver
4.0
vignette/storyserver
4.1
vignette/storyserver
4.2
vignette/storyserver
5.0
vignette/vignette
5.0
Published
Jun 30, 2003
Tracked Since
Feb 18, 2026