CVE-2006-6488

Name of the Vulnerable Software and Affected Versions ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX versions prior to 8.4.166.0

Description The issue is related to a stack-based buffer overflow in the DoModal function within the Dialog Wrapper Module ActiveX control. This can be exploited by remote attackers to execute arbitrary code by providing a long FileName or Filter argument.

Recommendations For versions prior to 8.4.166.0, update to version 8.4.166.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the DoModal function in the Dialog Wrapper Module ActiveX control until a patch is applied. Avoid using long FileName or Filter arguments in the affected ActiveX control to minimize the risk of exploitation.