PT-2006-4741 · Newton+1 · Newtone Imagekit+1

Will Dormann

Published

2006-12-04

Updated

2017-07-20

CVE-2006-3893

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Newtone ImageKit versions 5 before Fix 30 Newtone ImageKit versions 6 before Fix 40 CASIO Photo Loader software versions prior to 3.01

Description The issue is related to multiple buffer overflows in the ActiveX controls of Newtone ImageKit, which can be exploited by remote attackers to execute arbitrary code. This can be achieved via a crafted HTML document.

Recommendations For Newtone ImageKit versions 5 before Fix 30, update to Fix 30 or later to resolve the issue. For Newtone ImageKit versions 6 before Fix 40, update to Fix 40 or later to resolve the issue. For CASIO Photo Loader software versions prior to 3.01, update to version 3.01 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-3893

Affected Products

Casio Photo Loader

Newtone Imagekit

PT-2006-4741 · Newton+1 · Newtone Imagekit+1

CVE-2006-3893

Related Identifiers

Affected Products

References · 7