CVE-2010-5194

Viscom Image Viewer <8.0 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-5194. PoCs published by Metasploit, bz1p.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in the Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX control via the TifMergeMultiFiles() method. It includes ROP chains to bypass DEP and ASLR on various Windows versions with Java support.

Description

Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/18123

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in the Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX control via the TifMergeMultiFiles() method. It includes ROP chains to bypass DEP and ASLR on various Windows versions with Java support.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Viscom Image Viewer CP Pro 8.0/Gold 6.0

No auth needed

Prerequisites: Victim must browse to the exploit page · ActiveX control must be installed · Java support required for DEP/ASLR bypass

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by bz1p · rubyremotewindows

https://www.exploit-db.com/exploits/15658

View Code ZIP pw:eip

This is a Metasploit module exploiting a stack buffer overflow in Image Viewer CP Gold ActiveX Control 5.5 via an overly long string to the Image2PDF() property. It delivers a Meterpreter payload for remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Image Viewer CP Gold ActiveX Control 5.5

No auth needed

Prerequisites: Target must have the vulnerable ActiveX control installed · Target must visit a malicious webpage or open a malicious HTML file

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/69566

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/63642

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42445

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/15658

Scores

EPSS 0.0634

EPSS Percentile 92.7%

Details

CWE

CWE-119

Status published

Products (3)

viscomsoft/image_viewer_cp_gold_sdk 5.5

viscomsoft/image_viewer_cp_gold_sdk 6.0

viscomsoft/image_viewer_cp_pro_sdk 8.0

Published Aug 31, 2012

Tracked Since Feb 18, 2026