CVSS: 9.3EPSS: 2%CPEs: 3EXPL: 1CVE-2012-0227
https://notcve.org/view.php?id=CVE-2012-0227
Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. Desbordamiento de búfer en el control ActiveX VSFlex7.VSFlexGrid en ComponentOne FlexGrid v7.1, como el usado en Open Automation Software OPC Systems.NET, permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección mediante un nombre del fichero largo como argumento sobre el método Archive. • http://dsecrg.com/pages/vul/show.php?id=406 http://www.securityfocus.com/bid/51601 http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/72604 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 81%CPEs: 5EXPL: 0CVE-2008-4827
https://notcve.org/view.php?id=CVE-2008-4827
Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions. Múltiples desbordamientos de búfer basados en montículo en el método AddTab en los controles ActiveX (1) Tab y (2) CTab en c1sizer.ocx y control ActiveX (3) TabOne en sizerone.ocx en ComponentOne SizerOne v8.0.20081.140, como el utilizado en ComponentOne Studio para ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 y v7.10, y posiblemente otros productos, permiten a atacantes remotos ejecutar código de su elección añadiendo muchas pestañas, o añadiendo pestañas con un título largo. • http://secunia.com/advisories/32609 http://secunia.com/advisories/32648 http://secunia.com/advisories/32672 http://secunia.com/secunia_research/2008-52 http://secunia.com/secunia_research/2008-53 http://secunia.com/secunia_research/2008-54 http://securityreason.com/securityalert/4879 http://securitytracker.com/id?1021529 http://www.securityfocus.com/archive/1/499830/100/0/threaded http://www.securityfocus.com/bid/33148 http://www.vupen.com/english/advisories/2009/0036 http:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 1CVE-2008-4132
https://notcve.org/view.php?id=CVE-2008-4132
Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne VSFlexGrid 7.0.1.151 and 8.0.20072.239 allows remote attackers to execute arbitrary code via a long first argument to the Archive method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Desbordamiento de búfer basado en pila en el control ActiveX VSFlexGrid.VSFlexGridL en ComponentOne VSFlexGrid 7.0.1.151 y 8.0.20072.239 permite a atacantes remotos ejecutar código de su elección a través del primer argumento largo para el método Archive. NOTA: el origen de esta información es desconocido; los detalles se han obtenido únicamente de información de terceros. • http://www.securityfocus.com/bid/31200 https://exchange.xforce.ibmcloud.com/vulnerabilities/45184 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 27%CPEs: 1EXPL: 1CVE-2007-6028 – ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-6028
Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the (1) Text, (2) EditSelText, (3) EditText, and (4) CellFontName property values. Múltiples desbordamientos de búfer basado en pila en el control ActiveX VSFlexGrid.VSFlexGridL de ComponentOne FlexGrid 7.1 Light permiten a atacantes remotos provocar una denegación de servicio y posiblemente ejecutar código de su elección mediante una cadena larga en los valores de propiedad (1) Text, (2) EditSelText, (3) EditText, y (4) CellFontName. • https://www.exploit-db.com/exploits/30772 http://marc.info/?l=full-disclosure&m=119517573408574&w=2 http://www.securityfocus.com/bid/26467 https://exchange.xforce.ibmcloud.com/vulnerabilities/38507 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •