21 April, 2011

Gesytec ElonFmt ActiveX 1.1.14 (ElonFmt.ocx) pid Item Buffer Overflow (SEH)

The ElonFmt ActiveX Control Module suffers from a buffer overflow vulnerability. When a large buffer is sent to the pid item of the GetItem1 function in elonfmt.ocx module, we get a few memory registers overwritten including the SEH. We’re dealing with a character translation. An attacker can gain access to the system on the affected node and execute arbitrary code.





Read on: http://zeroscience.mk/blog/04/2011/gesytec-elonfmt-activex-1-1-14-elonfmt-ocx-pid-item-buffer-overflow-seh/

No comments: