MyWebServer versions 1.02 and prior contain a remotely exploitable buffer overflow vulnerability. This issue can allow an attacker to execute code with daemon privileges or create a denial of service (DoS) by crashing the web server. MyWebServer is a personal P2P web, file and application server that is compatible with all Windows operating systems. Corporate users may have this product installed on their systems so that co-workers can share files.
A remote attacker who sends a long GET request can crash the web server. An experienced attacker can insert code into the web server that executes with the privileges of the daemon.
An upgraded version is available.