CVE-2012-5324 – Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH) (PoC)

https://notcve.org/view.php?id=CVE-2012-5324

Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string in the (1) sub_path parameter to the StoreInRegistry function or (2) sub_key parameter to the InitFromRegistry function. Múltiples desbordamientos de búfer en Pdf Printer Preferences ActiveX Control en la biblioteca pdfxctrl.dll en PDF-XChange de Tracker Software versión 3.60.0128, permiten a los atacantes remotos ejecutar código arbitrario por medio de una cadena larga en el (1) parámetro sub_path en la función StoreInRegistry o (2) parámetro sub_key en la función InitFromRegistry. • https://www.exploit-db.com/exploits/18427 http://www.exploit-db.com/exploits/18427 http://www.securityfocus.com/bid/51712 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5067.php https://exchange.xforce.ibmcloud.com/vulnerabilities/72774 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •