Dz_Attacker

**Name of the Vulnerable Software and Affected Versions** Hyleos ChemView version 1.9.5.1 **Description** The issue concerns multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control. This occurs when a large number of white space characters are included in the filename argument to the SaveasMolFile and ReadMolFile methods, allowing remote attackers to execute arbitrary code. **Recommendations** For Hyleos ChemView version 1.9.5.1, consider disabling the SaveasMolFile and ReadMolFile methods until a patch is available to prevent potential exploitation. Restrict access to the HyleosChemView.HLChemView ActiveX control to minimize the risk of arbitrary code execution. Avoid using the filename argument with a large number of white space characters in the affected methods. At the moment, there is no information about a newer version that contains a fix for this issue.