PT-2010-4419 · Barcodewiz · Barcodewiz Barcode
Loneferret
·
Published
2010-08-04
·
Updated
2017-08-17
·
CVE-2010-2932
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
BarCodeWiz BarCode version 3.29
Description
The issue is related to a buffer overflow in the BarCodeWiz BarCode 3.29 ActiveX control, specifically in the BarcodeWiz.dll file. This occurs when a long argument is passed to the
LoadProperties method, allowing remote attackers to execute arbitrary code.Recommendations
For BarCodeWiz BarCode version 3.29, consider disabling the
LoadProperties method as a temporary workaround until a patch is available. Restrict access to the BarcodeWiz.dll file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Barcodewiz Barcode