Advantech WebAccess Webeye ActiveX Control Stack Based Buffer Overflow Vulnerability
High Nessus Plugin ID 81788
SynopsisThe remote host has an ActiveX control with a buffer overflow vulnerability.
DescriptionThe Advantec WebAccess application installed on the remote host includes a third party 'webeye.ocx' ActiveX control that is affected by a stack-based buffer overflow vulnerability when processing input to the 'ip_address' parameter. A remote attacker, using a specially crafted HTML file, can exploit this to execute arbitrary code or crash the application.
SolutionUpgrade WebAccess to version 8.0 or later.