Summary
This host has the SigPlus Pro ActiveX control installed and is prone to a buffer overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code on the system or cause the victim's browser to crash.
Impact Level: Application/System
Solution
Upgrade to SigPlus Pro ActiveX control version 3.95 or later. For updates, refer to
http://www.topazsystems.com/software/download/sigplusactivex.htm
Insight
The flaw is due to a boundary error in SigPlus.ocx when handling the 'HexString' argument passed to the 'LCDWriteString()' method and can be exploited to cause a stack-based buffer overflow via an overly long string.
Affected
SigPlus Pro ActiveX control version 3.74
References
Severity
Classification
- CVE: CVE-2010-2931
- CVSS Base Score: 9.3
- CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities
- Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Mac OS X)
- Apple Safari 'CSS' Buffer Overflow Vulnerability (Win) - Dec09
- Cogent DataHub Unicode Buffer Overflow Vulnerability
- Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)