Showing 1 - 2 of 2

Files from bls

Email address	blair.strang at security-assessment.com
First Active	2011-05-04
Last Active	2011-05-12

ICONICS WebHMI ActiveX Buffer Overflow: Posted May 12, 2011; Authored by sinn3r, sgb, bls | Site metasploit.com; This Metasploit module exploits a vulnerability found in ICONICS WebHMI's ActiveX control. By supplying a long string of data to the 'SetActiveXGUID' parameter, GenVersion.dll fails to do any proper bounds checking before this input is copied onto the stack, which causes a buffer overflow, and results arbitrary code execution under the context of the user.; tags | exploit, overflow, arbitrary, code execution, activex; advisories | OSVDB-72135; SHA-256 | 627c824b526df4f9b075cf7631d7fbdbd9747ed69a817b804cc5b007faa0cb03; Download | Favorite | View

ICONICS WebHMI Active-X Stack Overflow: Posted May 4, 2011; Authored by sgb, bls | Site security-assessment.com; ICONICS Genesis32 is a suite of OPC, SNMP, BACnet and Web-enabled HMI and SCADA applications. A stack overflow was found in an ActiveX control required by the WebHMI interface. This condition can be used to gain command execution. The affected control is 'GenVersion.dll' and has the ClassID of {CEFF5F48-BD2E-4D10-BAE5-AF729975E223}. This control is marked safe for scripting.; tags | exploit, web, overflow, activex; SHA-256 | e2cc945e05990c73d34e1f078184b4608dc08dbcc60fbcdef0908d92ab249b3f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days