Published: 31/08/2012 Updated: 29/08/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 940

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and previous versions allows remote malicious users to execute arbitrary code via a long strPDFFile parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
viscomsoft image viewer cp gold sdk 6.0
viscomsoft image viewer cp gold sdk 5.5
viscomsoft image viewer cp pro sdk 8.0

# Image Viewer CP gold v55 Buffer Overflow # Found by: bz1p (AT) bshellznet # Impact: Low, NOT marked safe for scripting or initializing # CVE: ? (0day) # # msf exploit(image_viewer_cpgold) > # [*] Sending exploit to 17217120211:1061 # [*] Sending stage (749056 bytes) to 17217120211 # [*] Meterpreter session 1 opened (172171202 ...

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking inclu ...

CWE-119 http://www.exploit-db.com/exploits/15658 http://secunia.com/advisories/42445 http://www.osvdb.org/69566 https://exchange.xforce.ibmcloud.com/vulnerabilities/63642 https://nvd.nist.gov https://www.exploit-db.com/exploits/15658/

CVE-2010-5194

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect