Buffer overflow in Commax Co., Ltd. Ums Client Activex Control
CVE-2021-47705
COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit imp…
Vulnerability class: Buffer Overflow
EPSS: 0.004 (35.7th percentile) — read the EPSS interpretation.
Affected products
- Commax Co., Ltd. Ums Client Activex Control — versions 1.7.0.2
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (technical-description)
- disclosure@vulncheck.com (third-party-advisory)