CVSS: 9.8EPSS: 76%CPEs: 14EXPL: 6CVE-2011-2089 – ICONICS WebHMI - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-2089
13 May 2011 — Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer basado en el método SetActiveXGUID en el control VersionInfo ActiveX en GenVersion.dll v8.0.138.0 en el subsistema WebHMI en... • https://www.exploit-db.com/exploits/17269 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 18%CPEs: 1EXPL: 1CVE-2006-6488 – ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-6488
31 Dec 2006 — Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument. Desbordamiento de búfer basado en pila en la función DoModal en el control de ActiveX Dialog Wrapper Module (DlgWrapper.dll) anterior a la 8.4.166.0, como el utilizado en el ICONICS OPC Enabled Gauge, Switch y Vessel... • https://www.exploit-db.com/exploits/6570 •