Avax.Vector.avpreview.OCX.ActiveX.Control.Buffer.Overflow
Description
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property.
Affected Products
Avax Vector ActiveX Version 1.3
Impact
This vulnerability could allow execution of arbitrary code within the context of an application that uses the ActiveX control.
Recommended Actions
Workaround:
1) Setting a kill bit for the Avax Vector 'avPreview.ocx' ActiveX Control CLSID (9589AEC9-1C2D-4428-B7E8-63B39D356F9C) can prevent exploitation through Internet Explorer. Refer to Microsoft article KB240797 for information on setting the kill bit.
2) To prevent exploitation of ActiveX vulnerabilities, ActiveX controls should be disabled in any zone used by attackers.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |