Mobius DocumentDirect Web Authorization Form Username Overflow DoS
Remote / Network Access
Denial of Service,
Loss of Integrity,
Loss of Availability
A remote overflow exists in DocumentDirect. The ddiproc.exe program fails to validate the username resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service resulting in a loss of availability.
Upgrade to a fixed version, which is available only by contacting Mobius customer support, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.