Authentium Command On Demand ActiveX Control - Multiple Buffer Overflow Vulnerabilities

EDB-ID:

33705

CVE:

N/A

EDB Verified:

Author:

Nikolas Sotiriu

Type:

remote

Exploit:   /  

Platform:

Windows

Date:

2010-03-04

Vulnerable App: 
source: https://www.securityfocus.com/bid/38544/info

The CSS Web Installer ActiveX control in Authentium Command On Demand Online scanner is prone to multiple buffer-overflow vulnerabilities.

An attacker can exploit these issues by enticing a victim to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.

Command On Demand CSS Web Installer ActiveX 1.4.9508.605 is vulnerable; other versions may also be affected.

Note: Reports indicate that the vendor no longer supports this product; vendor patches are not expected to be released. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33705.zip
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services