• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Automated Solutions Modbus RTU/ASCII/TCP Slave ActiveX Control Heap Buffer Overflow Vulnerability

Automated Solutions Modbus RTU/ASCII/TCP Slave ActiveX control is prone to a heap-based buffer-overflow vulnerability because the applications fail to perform adequate boundary-checks on user-supplied data.

Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.