Stack-based buffer overflow in mnet.exe in Unisys Business Information Server (BIS) 10 and 10.1 on Windows allows remote attackers to execute arbitrary code via a crafted TCP packet.