-
ICONICS WebHMI ActiveX Buffer Overflow
Disclosure Date: 2011-05-05First seen: 2020-04-26exploit/windows/scada/iconics_webhmi_setactivexguidThis module exploits a vulnerability found in ICONICS WebHMI's ActiveX control. By supplying a long string of data to the 'SetActiveXGUID' parameter, GenVersion.dll fails to do any proper bounds checking before this input is copied onto the stack, which causes a buffer overflow, and results arbitrary code execution under the context of the user. Authors: - Scoot Bell <scott.bell@security-assessment.com> - Blair Strang <blair.strang@security-assessment.com> - sinn3r <sinn3r@metasploit.com>
1 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details