CVE-2011-0342
InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 - Remote Code Execution via ISSymbol ActiveX Control Buffer Overflow
Title source: llmDescription
Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method.
References (5)
Core 5
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/44875
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2011-61/
Various Sources x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-11-273-02
Various Sources x_refsource_confirm
http://www.indusoft.com/hotfixes/hotfixes.php
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/49403
Scores
EPSS
0.0592
EPSS Percentile
92.4%
Details
CWE
CWE-119
Status
published
Products (1)
indusoft/web_studio
7.0b2 hotfix7.0.01.04
Published
Sep 02, 2011
Tracked Since
Feb 18, 2026