Strike ID:
E12-u9y01
CVSS:
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
2
Year:
2012

Description

This strike exploits an indexing vulnerability in Cyme ChartFX activeX control Cfx62ClientServer.Chart. The page number parameter of the ShowPropertiesDialog method is not properly validated, and it gets used in a pointer calculation which is then later used in a memory write operation.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{85894}