1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Viscom Image Viewer CVE-2010-5193

Web Attack: Viscom Image Viewer CVE-2010-5193

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a stack based buffer overflow vulnerability in Viscom Image Viewer CP Pro which could result in remote code execution or cause a denial-of-service.

Additional Information

Two vulnerabilities have been discovered in Image Viewer CP Pro and Gold, which can be exploited by malicious people to compromise a user's system.

1) A boundary error in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) can be exploited to cause a stack-based buffer overflow by passing an overly long "strPDFFile" parameter to the "Image2PDF()" method.

2) A boundary error in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) can be exploited to cause a stack-based buffer overflow by passing an overly long "strDelimit" parameter to the "TIFMergeMultiFiles()" method.

Successful exploitation of these vulnerabilities allows execution of arbitrary code.

The vulnerabilities are confirmed in the following versions (other versions may also be affected):
* Image Viewer CP Pro SDK ActiveX 8.0
* Image Viewer CP Gold SDK ActiveX 6.0

Affected

  • Image Viewer CP Pro SDK ActiveX 8.0 and Image Viewer CP Gold SDK ActiveX 6.0
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube