Recently I had found and released details regarding several flaws which existed in the eZnetwork suite, packages which I have associated with this particular flaw, or other names used when mentioning the products in question were:
+ eZ + eZnetwork + eZphotoshare + eZshare + eZmeeting
I stated to have found two flaws within the eZnetwork suite; a stack based buffer overflow, and a heap memory corruption flaw, both of which could enable malicious individuals to execute arbitrary code on systems running this software.
eZmeeting's programmers have now fixed all of the issues which I had raised, and would like to suggest that all their customers update their software with the latest versions which can be downloaded from their website, or using the links below:
+ eZ (eZmeeting) (Link may not be populated for the next few days while a new build is being finalised.) + http://www.ezmeeting.com/files/eZ36.EXE
+ eZphotoshare + http://www.ezphotoshare.com/files/eZphoto.1.2.1.EXE
I would like to take this opportunity to thank eZmeeting for working with me to protect their customers, particularly Mr Rosenbloom who has acted very professionally and has always put emphasis on the importance of a quick but sound release of a fix at the earliest possible date.
I would like to ask that if possible any security websites or mailing list archives could associate this fix information with the existing emails regarding the flaws which I had discovered in eZ and eZphotoshare.
Kindest regards, - Peter Winter-Smith
_________________________________________________________________
Use MSN Messenger to send music and pics to your friends http://www.msn.co.uk/messenger
