10 matches found
Stack overflow
Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...
CVE-2008-2693
Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...
Memory corruption
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...
CVE-2008-2683
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second...
Information disclosure
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second...
CVE-2008-2684
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...
CVE-2008-2684
CVE-2008-2684 affects the BIDIB.ocx/Black Ice Barcode SDK 5.01 implementation: the BIDIBCtrl.1 ActiveX control allows remote attackers to trigger memory corruption by feeding long strings into the DownloadImageFileURL method, enabling arbitrary code execution. The vulnerability is rooted in how t...
EUVD-2008-2679
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...
CVE-2008-2683
CVE-2008-2683 details (Normal mode): The BIDIB.BIDIBCtrl.1 ActiveX control (BIDIB.ocx 10.9.3.0) in Black Ice Barcode SDK 5.01 is vulnerable. A remote attacker can force the download and storage of arbitrary files by calling DownloadImageFileURL with the origin URL as the first argument and the lo...
Black Ice多个ActiveX控件栈溢出及内存破坏漏洞
BUGTRAQ ID: 29579 Black Ice Barcode SDK工具包提供各种1D和2D条码功能函数库。 Black Ice Barcode SDK所提供的多个ActiveX控件中存在安全漏洞,如果用户受骗访问了恶意网页的话,就可能导致执行任意代码或向系统中的任意位置写入文件。 1 BIDIB.BIDIBCtrl.1 ActiveX控件(BIDIB.ocx)没有安全的调用DownloadImageFileURL方式,可能导致向系统的任意位置下载任意文件,或通过超长参数触发内存破坏。 2 BITIFF.BITiffCtrl.1...