Intrusion Prevention

LEADTOOLS.ISIS.Control.Ltisi14E.OCX.ActiveX.Control.Access

Description

This indicates a heap based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44. It allows remote attackers to execute arbitrary code by sending a specially crafted Web page with an overly long DriverName property.

Affected Products

LeadTools ISIS Control 14.5.0.44

Impact

System compromise, remote code execution.

Recommended Actions

Currently we are not aware of any official supplied fix for this issue.

CVE References

CVE-2007-2827