What is CVE-2010-5193?

CVE-2010-5193 is a vulnerability in Viscomsoft Image_viewer_cp_gold_sdk, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-08-31.

Is CVE-2010-5193 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Viscomsoft Image_viewer_cp_gold_sdk

CVE-2010-5193

Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long st…

Vulnerability class: Buffer Overflow

EPSS: 0.558 (98.1th percentile) — read the EPSS interpretation.

Affected products

Viscomsoft Image_viewer_cp_gold_sdk — versions 6.0
Viscomsoft Image_viewer_cp_pro_sdk — versions 8.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

15668 (exploit, x_refsource_EXPLOIT-DB)
18123 (Exploit, exploit, x_refsource_EXPLOIT-DB)
imageviewer-tifmergemultifiles-bo(63666) (vdb-entry, x_refsource_XF)
42445 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2010-5193?: CVE-2010-5193 is a vulnerability in Viscomsoft Image_viewer_cp_gold_sdk, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-08-31.
Is CVE-2010-5193 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.