This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Platform Symphony DE. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the way SOAP requests are handled. A malformed SOAP request would overwrite a statically sized buffer that could allow remote code execution in the context of the process.