Buffer overflow in Indusoft Web_studio

CVE-2011-0342

Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Clos…

Vulnerability class: Buffer Overflow

EPSS: 0.073 (91.9th percentile) — read the EPSS interpretation.

Affected products

Indusoft Web_studio — versions 7.0b2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

44875 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC)
PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
49403 (vdb-entry, x_refsource_BID)