vendor:
COMMAX UMS Client ActiveX Control
by:
LiquidWorm
N/A
CVSS
HIGH
Heap Buffer Overflow
122
CWE
Product Name: COMMAX UMS Client ActiveX Control
Affected Version From: 1.7.0.2
Affected Version To: 1.7.0.2
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows
2021
COMMAX UMS Client ActiveX Control 1.7.0.2 – ‘CNC_Ctrl.dll’ Heap Buffer Overflow
The vulnerability is caused due to a boundary error in the processing of user input, which can be exploited to cause a heap based buffer overflow when a user inserts overly long array of string bytes through several functions. Successful exploitation could allow execution of arbitrary code on the affected node.
Mitigation:
Apply the latest patch or update from the vendor.