Lucene search

[email protected]CVE-2010-5194

HistoryAug 31, 2012 - 9:55 p.m.

CVE-2010-5194

2012-08-3121:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-5194

image2pdf

buffer overflow

scribblectrl

activex

code execution

viscom image viewer

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.167 Low

EPSS

Percentile

96.1%

JSON

Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter.

Affected configurations

NVD

Node

viscomsoftimage_viewer_cp_gold_sdkMatch5.5

viscomsoftimage_viewer_cp_gold_sdkMatch6.0

viscomsoftimage_viewer_cp_pro_sdkMatch8.0

CPENameOperatorVersion
viscomsoft:image_viewer_cp_gold_sdkviscomsoft image viewer cp gold sdkeq5.5
viscomsoft:image_viewer_cp_gold_sdkviscomsoft image viewer cp gold sdkeq6.0
viscomsoft:image_viewer_cp_pro_sdkviscomsoft image viewer cp pro sdkeq8.0

CPE	Name	Operator	Version
viscomsoft:image_viewer_cp_gold_sdk	viscomsoft image viewer cp gold sdk	eq	5.5
viscomsoft:image_viewer_cp_gold_sdk	viscomsoft image viewer cp gold sdk	eq	6.0
viscomsoft:image_viewer_cp_pro_sdk	viscomsoft image viewer cp pro sdk	eq	8.0

References

secunia.com/advisories/42445

www.exploit-db.com/exploits/15658

www.osvdb.org/69566

exchange.xforce.ibmcloud.com/vulnerabilities/63642

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.167 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2010-5194

prion1 nvd1 seebug1 cvelist1