Tomahawk Technologies » Steelarrow : Security Vulnerabilities, CVEs, CVSS score >= 6
Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request.
Max CVSS
7.5
EPSS Score
11.11%
Published
2003-04-11
Updated
2008-09-05
1 vulnerabilities found