CVE-2010-20112
BaseFortify
Publication date: 2025-08-21
Last updated on: 2025-08-22
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amlib | netopacs | * |
| amlib | webquery | 4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in Amlib's NetOpacs webquery.dll caused by improper handling of HTTP GET parameters. Specifically, the application does not enforce limits on the size of input provided to the 'app' parameter, allowing attackers to send excessively large data that can overwrite memory structures, including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign can cause unintended control flow behavior. This issue is exposed through IIS and affects legacy Windows deployments.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to arbitrary code execution or application crashes due to the buffer overflow and overwritten memory structures. Attackers could potentially gain control over the affected system or cause denial of service by triggering unintended control flow behavior.