Strike ID:
E13-yq501
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2013

Description

This strike identifies a vulnerability in Mitusbishis MX Component ActiveX control. This attack is against a vulnerable WzTitle function that takes a string as an argument. If this string size exceeds the limit of the buffer an overflow will occur allowing for remote code to be executed.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{91661}