19 Jul 2012
17 Dec 2012
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Multiple vulnerabilities have been reported in AFD, which can be exploited by malicious people to compromise a vulnerable system.
1) An error within the URL parsing function can be exploited to cause a buffer overflow via an overly long server name passed to the URL.
2) Some unspecified errors can be exploited to cause buffer overflows.
The vulnerabilities are reported in versions prior to 1.4.4.
Update to version 1.4.4.
Reported by the vendor.