InduSoft WebStudio ActiveX buffer overflow - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

InduSoft WebStudio ActiveX buffer overflow
updated since 05.09.2011
Published: 21.11.2011
Source: BUGTRAQ
SecurityVulns ID: 11894
Type: client
Level: 5/10
Description: Different ActiveX methods buffer overflows.

Affected: INDUSOFT : InduSoft Web Studio 7.0
CVE: CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name.)
CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.)
CVE-2011-0342 (Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method.)

Original document ZDI, ZDI-11-329 : InduSoft WebStudio CEServer Operation 0x15 Remote Code Execution Vulnerability (21.11.2011)

ZDI, ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability (21.11.2011)

SECUNIA, Secunia Research: InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities (05.09.2011)

Discuss: Read or add your comments to this news (0 comments)