PT-2011-2281 · Indusoft · Indusoft Web Studio

Dmitry Pletnev · Published 2011-09-02 · Updated 2013-05-21 · CVE-2011-0342

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

InduSoft Web Studio version 7.0B2 hotfix 7.0.01.04

Description

The issue concerns multiple buffer overflows in the InduSoft ISSymbol ActiveX control. These overflows can be triggered by passing a long parameter to specific methods, allowing remote attackers to execute arbitrary code. The affected methods include the Open(), Close(), and SetCurrentLanguage() functions.

Recommendations

For InduSoft Web Studio version 7.0B2 hotfix 7.0.01.04, consider disabling the ISSymbol ActiveX control until a patch is available to prevent exploitation through the Open(), Close(), and SetCurrentLanguage() methods. Restrict access to these methods to minimize the risk of arbitrary code execution.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2011-0342

Affected Products

Indusoft Web Studio