IPIX Image Well ActiveX Controls Multiple Buffer Overflow Vulnerabilities
BID:23379
Info
IPIX Image Well ActiveX Controls Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 23379 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-1687 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 09 2007 12:00AM |
| Updated: | Apr 30 2007 05:10PM |
| Credit: | Will Dormann of CERT/CC is credited with discovering these issues. |
| Vulnerable: |
IPIX Corporation ImageWell ActiveX 0 |
| Not Vulnerable: | |
Discussion
IPIX Image Well ActiveX Controls Multiple Buffer Overflow Vulnerabilities
IPIX Image Well ActiveX controls are prone to multiple buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX controls and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
IPIX Image Well ActiveX controls are prone to multiple buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX controls and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
Exploit / POC
IPIX Image Well ActiveX Controls Multiple Buffer Overflow Vulnerabilities
The following exploit code is available:
The following exploit code is available:
Solution / Fix
IPIX Image Well ActiveX Controls Multiple Buffer Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
IPIX Image Well ActiveX Controls Multiple Buffer Overflow Vulnerabilities
References:
References: