Threat Monitor
Troj.Downloader.JS.Agent.eci
| Aliase: | |
|---|---|
| Pattern: | 201008201330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
Haihaisoft PDF Reader is prone to a remote code execution vulnerability.
The vulnerability is caused due to a boundary error in PDFReaderOCX.ocx ActiveX Control with the CLSID:28CB49D6-E530-442B-A182-79F047C3AA1B when handling the "URL" property. By persuading a victim to visit a specially-crafted Web page that passes an overly long string more than 2048 bytes to the "URL" property provided by the PDFReaderOCX.ocx ActiveX control, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Affected: Haihaisoft PDF Reader 1.1.5.0
The vulnerability is caused due to a boundary error in PDFReaderOCX.ocx ActiveX Control with the CLSID:28CB49D6-E530-442B-A182-79F047C3AA1B when handling the "URL" property. By persuading a victim to visit a specially-crafted Web page that passes an overly long string more than 2048 bytes to the "URL" property provided by the PDFReaderOCX.ocx ActiveX control, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Affected: Haihaisoft PDF Reader 1.1.5.0
