CVE-2011-0340 – InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-0340

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method. Múltiples desbordamientos de buffer en el control ActiveX ISSymbol de ISSymbol.ocx 61.6.0.0 y 301.1009.2904.0 de la máquina virtual ISSymbol, como se ha distribuído en Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio anteriores a 7.0+SP1, y InduSoft Thin Client 7.0. Permite a atacantes remotos ejecutar código de su elección a través de los valores de propiedades extensos (1) InternationalOrder, (2) InternationalSeparator, o (3) LogFileName; o (4) un argumento bstrFileName extenso al método OpenScreen. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.ocx ActiveX component. • https://www.exploit-db.com/exploits/23500 http://ics-cert.us-cert.gov/advisories/ICSA-12-249-03 http://secunia.com/advisories/42928 http://secunia.com/advisories/43116 http://secunia.com/secunia_research/2011-36 http://secunia.com/secunia_research/2011-37 http://www.advantechdirect.com/eMarketingPrograms/AStudio_Patch/AStudio7.0_Patch_Final.htm http://www.indusoft.com/hotfixes/hotfixes.php http://www.securityfocus.com/bid/47596 http://www.us-cert.gov/control_systems/pdf/ICS • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •