Dear All,
Recently I had found and released details regarding several flaws which
existed in the eZnetwork suite, packages which I have associated with this
particular flaw, or other names used when mentioning the products in
question were:
+ eZ
+ eZnetwork
+ eZphotoshare
+ eZshare
+ eZmeeting
I stated to have found two flaws within the eZnetwork suite; a stack based
buffer overflow, and a heap memory corruption flaw, both of which could
enable malicious individuals to execute arbitrary code on systems running
this software.
eZmeeting's programmers have now fixed all of the issues which I had raised,
and would like to suggest that all their customers update their software
with the latest versions which can be downloaded from their website, or
using the links below:
+ eZ (eZmeeting) (Link may not be populated for the next few days while a
new build is being finalised.)
+ http://www.ezmeeting.com/files/eZ36.EXE
+ eZphotoshare
+ http://www.ezphotoshare.com/files/eZphoto.1.2.1.EXE
I would like to take this opportunity to thank eZmeeting for working with me
to protect their customers, particularly Mr Rosenbloom who has acted very
professionally and has always put emphasis on the importance of a quick but
sound release of a fix at the earliest possible date.
I would like to ask that if possible any security websites or mailing list
archives could associate this fix information with the existing emails
regarding the flaws which I had discovered in eZ and eZphotoshare.
Kindest regards,
- Peter Winter-Smith
_________________________________________________________________
Use MSN Messenger to send music and pics to your friends
http://www.msn.co.uk/messenger
This archive was generated by hypermail 2b30 : Thu Dec 11 2003 - 15:08:42 PST