Description
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jeremy Brown · pythondoswindows
https://www.exploit-db.com/exploits/15767
References (7)
Core 7
Core References
Patch x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-10-322-01.pdf
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42650
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/603928
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45487
Vendor Advisory x_refsource_misc
http://www.integraxor.com/blog/integraxor-3-5-scada-security-issue-20101006-0109-vulnerability-note
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/15767
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3275
Scores
EPSS
0.3126
EPSS Percentile
96.8%
Details
CWE
CWE-119
Status
published
Products (1)
ecava/integraxor
< 3.5.3900.5
Published
Dec 23, 2010
Tracked Since
Feb 18, 2026