CVE-2011-0342

InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 - Remote Code Execution via ISSymbol ActiveX Control Buffer Overflow

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method.

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/44875
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2011-61/
Various Sources x_refsource_confirm
http://www.indusoft.com/hotfixes/hotfixes.php
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/49403

Scores

EPSS 0.0592
EPSS Percentile 92.4%

Details

CWE
CWE-119
Status published
Products (1)
indusoft/web_studio 7.0b2 hotfix7.0.01.04
Published Sep 02, 2011
Tracked Since Feb 18, 2026