SizerOne ActiveX Control AddTab Method Remote Buffer Overflow

The SizerOne ActiveX control is installed on the remote system. It is included with ComponentOne Studio Enterprise as well as other applications such as TSC2 Help Desk and SAP GUI. The installed version of the control is affected by a heap-based buffer overflow vulnerability that can be triggered...

多个供应商SizerOne ActiveX控件'AddTab'方法缓冲区溢出漏洞

BUGTRAQ ID: 33148 CNCAN ID：CNCAN-2009010809 ComponentOne SizerOne是一款集成了四个控件的组件工具，包括了两个调整分割控件用来控制所有的调整分割任务，一个个Tabbling控件用来快速创建类似记事本和OutLook风格的Tab，一个字符分割控件自动处理分割和剪切字符的工作。 ComponentOne SizerOne包含的控件对'AddTab'方法处理存在问题，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 -TAB...