Showing 1 - 1 of 1

CVE-2014-2364

Status Candidate

Overview

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

Related Files

Advantech WebAccess dvs.ocx GetColor Buffer Overflow: Posted Sep 24, 2014; Authored by juan vazquez, temp66 | Site metasploit.com; This Metasploit module exploits a buffer overflow vulnerability in Advantec WebAccess. The vulnerability exists in the dvs.ocx ActiveX control, where a dangerous call to sprintf can be reached with user controlled data through the GetColor function. This Metasploit module has been tested successfully on Windows XP SP3 with IE6 and Windows 7 SP1 with IE8 and IE 9.; tags | exploit, overflow, activex; systems | windows; advisories | CVE-2014-2364; SHA-256 | 2c87a396ae651d2548218234d6c075460d07bc9f8c985df84efe8276828e073e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 66 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
liquidsky 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,555)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,729)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,487)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2014-2364

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems