23 matches found
EUVD-2013-7261
Malware in sbrugna...
CVE-2013-10057
A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control PDFIN1.ocx, specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved...
CVE-2013-10057
A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control PDFIN1.ocx, specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved...
CVE-2013-10057 Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control PDFIN1.ocx, specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved...
CVE-2013-10057
Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx) contains a stack-based buffer overflow in the ConnectToSynactis method. A long string passed to populate ldCmdLine for WinExec can overwrite a saved TRegistry pointer on the stack, enabling remote code execution when a user visits a malicious...
CVE-2013-10057 Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control PDFIN1.ocx, specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved...
PT-2025-31691 · Synactis +1 · Synactis Pdf In-The-Box +1
Name of the Vulnerable Software and Affected Versions: Synactis PDF In-The-Box ActiveX control PDF IN 1.ocx affected versions not specified Description: A stack-based buffer overflow vulnerability exists in the ConnectToSynactis method of the Synactis PDF In-The-Box ActiveX control PDF IN 1.ocx. ...
Synactis PDF In-The-Box 安全漏洞
Synactis PDF In-The-Box is a PDF generation and manipulation component from the French company Synactis. A security vulnerability exists in Synactis PDF In-The-Box that stems from a buffer overflow in the ConnectToSynactis method, which could lead to remote code execution...
CVE-2013-10057
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/synactisconnecttosynactisbof.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite Vuln
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-006 http://www.dsecrg.com/pages/vul/show.php?id=62 Application: Synactis AllINTHEBOX ActiveX Versions Affected: 3 Vendor URL: http://synactis.com Bugs: Null byte File overwriting Exploits: YES Reported:...
Synactis PDF In-The-Box - ConnectToSynactic Stack Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
This Metasploit module exploits a vulnerability found in Synactis' PDF In-The-Box ActiveX component, specifically PDFIN1.ocx. When a long string of data is given to the ConnectToSynactis function, which is meant to be used for the ldCmdLine argument of a WinExec call, a strcpy routine can end up...
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
This module exploits a vulnerability found in Synactis' PDF In-The-Box ActiveX component, specifically PDFIN1.ocx. When a long string of data is given to the ConnectToSynactis function, which is meant to be used for the ldCmdLine argument of a WinExec call, a strcpy routine can end up overwriting...
Synactis All-In-The-Box ActiveX Remote Code Execution Vulnerability
This host is installed with All-In-The-Box ActiveX and is prone to Remote Code Execution Vulnerability. OpenVAS Vulnerability Test $Id: gbsynactisallintheboxactivexcodeexecvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Synactis All-In-The-Box ActiveX Remote Code Execution Vulnerability Authors: Sujit...
Synactis All-In-The-Box ActiveX RCE Vulnerability
All-In-The-Box ActiveX is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-0465
The CVE-2009-0465 entry describes a vulnerability in Synactis ALL In-The-Box ActiveX 3, specifically the All_In_The_Box.AllBox ActiveX control (ALL_IN_THE_BOX.OCX). The SaveDoc method is exploitable to remotely create and overwrite arbitrary files by passing an argument that ends with a null char...
Synactis ALL In-The-Box ActiveX控件SaveDoc()方法覆盖任意文件漏洞
Synactis ALL In-The-Box ActiveX控件是一种PDF及图像文件自动化生成及输出工具。 ALL In-The-Box ActiveX控件AllInTheBox.ocx的SaveDoc方法实现上存在漏洞,远程攻击者可能利用此漏洞通过指定以NULL结尾的文件名覆盖系统上的任意文件,导致拒绝服务或任意命令执行。 Synactis ALL In-The-Box ActiveX 3.x 厂商补丁: Synactis -------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.synactis.com...
Synactis All_IN_THE_BOX ActiveX v3 Null byte File Overwrite Vuln
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-006 http://www.dsecrg.com/pages/vul/show.php?id=62 Application: Synactis AllINTHEBOX ActiveX Versions Affected: 3 Vendor URL: http://synactis.com Bugs: Null byte File overwriting Exploits: YES Reported:...
Synactic ALL_IN_THE_BOX File Overwrite
DSECRG-09-006 Synactis AllINTHEBOX ActiveX Control - Null byte File Owervrite Synactis AllINTHEBOX ActiveX Control ALLINTHEBOX.OCX can be used to owervrite any any file in target system. Vulnerable method is "SaveDoc" Application: Synactis AllINTHEBOX ActiveX Versions Affected: 3 Vendor URL:...