Buffer overflow

Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method...

CVE-2012-0227

The CVE-2012-0227 entry refers to a buffer overflow in the VSFlex7.VSFlexGrid ActiveX control (ComponentOne FlexGrid 7.1) used by Open Automation Software OPC Systems.NET. The vulnerability is triggered by a long archive file name argument to the Archive method, allowing remote denial of service ...

Stack overflow

Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the 1 Text, 2 EditSelText, 3 EditText, and 4 CellFontName property...

flexgrid-overflow.txt

The ComponentOne FlexGrid 7.1 VSFlexGrid.VSFlexGridL has multiple stack overflows. I have not tested code execution nor do I remember what this component was installed with. PoC as follows: -------------------- function Check var s = "AAAA"; while s.length -------------------- Elazar...