COMMAX WebViewer ActiveX Control Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A buffer overflow vulnerability has been identified in the COMMAX WebViewer ActiveX Control version 2.1.4.5. An attacker can execute arbitrary code by passing excessively long string arrays to several of the control's functions, triggering boundary errors in the Commax_WebViewer.ocx file. The root cause is missing input validation: the control does not check the length of the supplied strings, so oversized input overruns the buffer.

Impact

Exploitation of this vulnerability causes a buffer overflow and an access violation, and can lead to arbitrary code execution. It is a memory corruption issue: an attacker who controls the overflowing data can redirect the program's execution flow to malicious code.

Reproduction

The vulnerability can be reproduced with a Python script that generates a crafted payload of string bytes, such as a long array of 'A' characters, for the affected ActiveX control. The payload is then loaded in an application that hosts the control, such as Internet Explorer.
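From the defender's side, the usual mitigation for a vulnerable ActiveX control that has no fixed version is to set the Internet Explorer kill-bit for its CLSID. The following PowerShell script, added here as an example and not part of the advisory, locates any CLSID whose in-process server is Commax_WebViewer.ocx, reports the installed file version, and checks whether the kill-bit (Compatibility Flags 0x400) is already set. The registry paths are the standard ones; the CLSID itself is not given in the advisory, so the script discovers it instead of assuming it.

```powershell
# Added example: inventory Commax_WebViewer.ocx registrations and their kill-bit state.
# Assumes the control is registered under HKLM\SOFTWARE\Classes\CLSID (native or WOW6432Node).
$ocxName = 'Commax_WebViewer.ocx'
$killBit = 0x400   # "Compatibility Flags" bit that blocks the control in Internet Explorer

$clsidRoots = @(
    'HKLM:\SOFTWARE\Classes\CLSID',
    'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
)
$compatRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

foreach ($root in $clsidRoots) {
    if (-not (Test-Path $root)) { continue }
    Get-ChildItem $root -ErrorAction SilentlyContinue | ForEach-Object {
        $srvKey = Join-Path $_.PSPath 'InprocServer32'
        if (-not (Test-Path $srvKey)) { return }
        $path = (Get-ItemProperty $srvKey -ErrorAction SilentlyContinue).'(default)'
        if (-not $path -or ($path -notlike "*$ocxName")) { return }

        $clsid = $_.PSChildName
        # File version lets you confirm whether the installed build is the affected 2.1.4.5.
        $version = if (Test-Path $path) { (Get-Item $path).VersionInfo.FileVersion } else { 'file missing' }

        # The kill-bit is set when bit 0x400 is present in "Compatibility Flags" for this CLSID.
        $killed = $false
        foreach ($compat in $compatRoots) {
            $flags = (Get-ItemProperty "$compat\$clsid" -Name 'Compatibility Flags' `
                      -ErrorAction SilentlyContinue).'Compatibility Flags'
            if ($flags -and (($flags -band $killBit) -eq $killBit)) { $killed = $true }
        }

        [pscustomobject]@{
            CLSID       = $clsid
            Path        = $path
            FileVersion = $version
            KillBitSet  = $killed
        }
    }
}
```

A result with KillBitSet = False and FileVersion 2.1.4.5 is a host where the control can still be instantiated by Internet Explorer and should be blocked or removed.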

Added: Dec 9, 2025, 9:54 PM
Updated: Dec 9, 2025, 9:54 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 5.8
remediation: 0.0
relevance: 1.4
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.