CVE-2010-5194

Name of the Vulnerable Software and Affected Versions Viscom Image Viewer CP Pro versions 8.0 and earlier Viscom Image Viewer Gold versions 6.0 and earlier Viscom Image Viewer Gold version 5.5

Description The issue is related to a stack-based buffer overflow in the Image2PDF function within the SCRIBBLE.ScribbleCtrl.1 ActiveX control, specifically in the ImageViewer2.ocx component. This overflow can be triggered by remote attackers who provide a long strPDFFile parameter, potentially allowing them to execute arbitrary code.

Recommendations For Viscom Image Viewer CP Pro version 8.0 and earlier, update to a version that fixes this issue. For Viscom Image Viewer Gold version 6.0 and earlier, update to a version that fixes this issue. For Viscom Image Viewer Gold version 5.5, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control until a patch is available.