Description
Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document.
Affected products
- casio / photo_loader3.00 – 3.00
- newtone / imagekit5_fix_29 – 5_fix_29
- newtone / imagekit6_fix_40 – 6_fix_40
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4795
- MISChttp://www.securityfocus.com/bid/21375
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/30680
- VENDOR_ADVISORYhttp://secunia.com/advisories/23286
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4794
- MISChttp://www.kb.cert.org/vuls/id/210697