Lucene search

MitreCVE-2010-0679

HistoryFeb 22, 2010 - 9:30 p.m.

CVE-2010-0679

2010-02-2221:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2010-0679

hyleoschemview

hlchemview

buffer overflow

activex control

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.76

Percentile

98.2%

JSON

Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the (1) SaveasMolFile and (2) ReadMolFile methods.

Affected configurations

Nvd

Node

hyleoschemviewMatch1.9.5.1

VendorProductVersionCPE
hyleoschemview1.9.5.1cpe:2.3:a:hyleos:chemview:1.9.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hyleos	chemview	1.9.5.1	cpe:2.3:a:hyleos:chemview:1.9.5.1:::::::*

References

osvdb.org/62276

packetstormsecurity.org/1002-advisories/chemviewx-overflow.txt

packetstormsecurity.org/1002-exploits/hyleoschemview-heap.rb.txt

secunia.com/advisories/38523

www.exploit-db.com/exploits/11422

www.security-assessment.com/files/advisories/2010-02-11_ChemviewX_Activex.pdf

www.securityfocus.com/bid/38225

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.76

Percentile

98.2%

JSON

Related for CVE-2010-0679