(1)clsscheduler多个基于堆的缓冲区溢出。exe(又名调度程序客户端)和(2)srvscheduler。exe(又名调度服务器)BakBone NetVault记者3.5之前Update4允许远程攻击者执行任意代码通过长文件名参数在HTTP请求。
http://secunia.com/advisories/26222
http://securityreason.com/securityalert/2954
https://exchange.xforce.ibmcloud.com/vulnerabilities/35588
http://www.securitytracker.com/id?1018460
http://www.vupen.com/english/advisories/2007/2658
http://www.zerodayinitiative.com/advisories/zdi - 07 - 044. - html