Severity: High

Description: Certain code executed by DataFlux Data Management Studio 2.10 and DataFlux Data Management Server 2.10 might result in heap-based buffer overflow, integer overflow or wraparound, cleartext transmission of sensitive information, uncontrolled recursion, and Null pointer dereference, which are related to security vulnerabilities. For additional details, refer to the following Common Weakness Enumeration (CWE) reports:

Data Management Studio 2.10 CWEs: 

• CWE-122: Heap-based Buffer Overflow
• CWE-190: Integer Overflow or Wraparound
• CWE-319: Cleartext Transmission of Sensitive Information

Data Management Server 2.10 CWEs:

• CWE-122: Heap-based Buffer Overflow
• CWE-319: Cleartext Transmission of Sensitive Information
• CWE-476: NULL Pointer Dereference
• CWE-674: Uncontrolled Recursion

Potential Impact: Impacts vary and include the potential for arbitrary code execution by an attacker, transmission of sensitive data in cleartext, and application crashes or denial of service. Refer to the CWE records listed in the previous section for details.