[原文]Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory.
The disclosure of this issue has been credited to Luigi Auriemma <email@example.com>.
Singularity Software Team Factor 1.25 m
Singularity Software Team Factor 1.25
It has been reported that Team Factor may be prone to a memory corruption vulnerability that may allow remote attackers to cause a denial of service condition or possibly execute arbitrary code.
Team Factor versions 1.25 and prior are reported to be prone to this issue.
Proof of concept code can be obtained from the following location: http://aluigi.altervista.org/poc/tfboom.zip
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.