SignKorea SKCommAX ActiveX Control Remote Buffer Overflow Vulnerability
BID:23149
Info
SignKorea SKCommAX ActiveX Control Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 23149 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 26 2007 12:00AM |
| Updated: | Mar 27 2007 06:53PM |
| Credit: | Park Gyu Tae is credited with the discovery of this vulnerability. |
| Vulnerable: |
SignKorea SKCommAX ActiveX Control 7.2.0.2 SignKorea SKCommAX ActiveX Control 6.6.0.1 |
| Not Vulnerable: | |
Discussion
SignKorea SKCommAX ActiveX Control Remote Buffer Overflow Vulnerability
SignKorea SKCommAX ActiveX control is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications that employ the vulnerable controls (typically Microsoft Internet Explorer).
SignKorea SKCommAX ActiveX Control 7.2.0.2 and 6.6.0.1 are vulnerable to this issue; other versions may also be vulnerable.
SignKorea SKCommAX ActiveX control is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications that employ the vulnerable controls (typically Microsoft Internet Explorer).
SignKorea SKCommAX ActiveX Control 7.2.0.2 and 6.6.0.1 are vulnerable to this issue; other versions may also be vulnerable.
Exploit / POC
SignKorea SKCommAX ActiveX Control Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
SignKorea SKCommAX ActiveX Control Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
SignKorea SKCommAX ActiveX Control Remote Buffer Overflow Vulnerability
References:
References:
- Vendor Homepage (SignKorea)