Description: Pentest Limited has reported some vulnerabilities in Sony VAIO Media Integrated Server, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a vulnerable system.
1) An unspecified boundary error can be exploited to cause a buffer overflow and execute arbitrary code with SYSTEM privileges.
2) An unspecified input validation error makes it possible to disclose the contents of arbitrary files on the system via directory traversal attacks.
Solution: Install VAIO Media Integrated Server 4.x/5.x Update Program 1.0.00.42120.
Provided and/or discovered by: Joe Moore, Pentest Limited.
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.