CVE-2010-5194

Viscom Image Viewer <8.0 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter.

Exploits (2)

exploitdb WORKING POC

by bz1p · rubyremotewindows

https://www.exploit-db.com/exploits/15658

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/18123

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/42445

[Exploit] http://www.exploit-db.com/exploits/15658

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/63642

[Third Party Advisory, VDB Entry] http://www.osvdb.org/69566

Scores

EPSS 0.2812

EPSS Percentile 96.4%

Classification

CWE

CWE-119

Status draft

Affected Products (3)

viscomsoft/image_viewer_cp_gold_sdk

viscomsoft/image_viewer_cp_gold_sdk

viscomsoft/image_viewer_cp_pro_sdk

Timeline

Published Aug 31, 2012

Tracked Since Feb 18, 2026