InterActual Player ITIRecorder.MicRecorder ActiveX Control Remote Buffer Overflow Vulnerability

InterActual Player ITIRecorder.MicRecorder ActiveX Control Remote Buffer Overflow Vulnerability

InterActual Player ITIRecorder.MicRecorder ActiveX control is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker could exploit this issue by creating a malicious web page that would initialize the ActiveX controller and execute arbitrary code within the context of the user.

This issue could allow an attacker to execute arbitrary code.

This issue affects versions 2.60.12.0201 with IARECORD.DLL (1.07.11.0620). Other versions may be vulnerable as well.