CVE-2006-6488

Опубликовано: 31 дек. 2006

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument.

Ссылки

http://osvdb.org/32552
http://secunia.com/advisories/23583
Vendor Advisory
http://www.kb.cert.org/vuls/id/251969
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/21849
http://www.vupen.com/english/advisories/2007/0025
https://exchange.xforce.ibmcloud.com/vulnerabilities/31228
http://osvdb.org/32552
http://secunia.com/advisories/23583
Vendor Advisory
http://www.kb.cert.org/vuls/id/251969
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/21849
http://www.vupen.com/english/advisories/2007/0025
https://exchange.xforce.ibmcloud.com/vulnerabilities/31228

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iconics:dialog_wrapper_module_activex_control:*:*:*:*:*:*:*:*

Версия до 8.4.165.0 (включая)

EPSS

Процентиль: 96%

0.29587

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3c3v-8gm2-qxwq

github

почти 4 года назад