CVE-2015-0986 – Moxa VPort ActiveX SDK PLUS GetClientReg Name Parameter Stack Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0986

Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command. Múltiples desbordamientos de buffer basado en pila en Moxa VPort ActiveX SDK Plus anterior a 2.8 permiten a atacantes remotos insertar líneas de código de montaje a través de vectores que involucran un comando regkey (1) set o (2) get. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VPort ActiveX SDK PLUS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the VPORTSDK.VPortSDKCtrl.1 ActiveX control. By passing an overly long string to the GetClientReg method's Name parameter, an attacker can overflow a buffer on the stack. • http://www.moxa.com/support/download.aspx?d_id=2114 http://www.securityfocus.com/bid/73960 http://www.zerodayinitiative.com/advisories/ZDI-15-392 https://ics-cert.us-cert.gov/advisories/ICSA-15-097-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •