BrowseDialog ActiveX Control CCRPBDS6.DLL Multiple Buffer Overflow Vulnerabilities

The BrowseDialog ActiveX control is prone to multiple buffer-overflow vulnerabilities because the software fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer.

A remote attacker may exploit these vulnerabilities by presenting a malicious file to a victim user and enticing them to open it with the vulnerable application.

Successful attacks can cause denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control. Arbitrary code execution may also be possible, but this has not been confirmed.


 

Copyright 2010, SecurityFocus