CVE-2010-5193

Name of the Vulnerable Software and Affected Versions Viscom Image Viewer CP Pro version 8.0 Viscom Image Viewer Gold version 6.0

Description The issue is a stack-based buffer overflow in the TIFMergeMultiFiles function, located in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx). This allows remote attackers to execute arbitrary code via a long strDelimit parameter.

Recommendations For Viscom Image Viewer CP Pro version 8.0, consider disabling the TIFMergeMultiFiles function until a patch is available. For Viscom Image Viewer Gold version 6.0, restrict access to the SCRIBBLE.ScribbleCtrl.1 ActiveX control to minimize the risk of exploitation. Avoid using the strDelimit parameter in the affected ActiveX control until the issue is resolved.