VAR-200612-0248
Vulnerability from variot - Updated: 2023-12-18 13:54Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. ICONICS is a professional company that provides OPC-based visualization software. Failed attempts can crash the host application. Versions prior to DlgWrapper.dll 8.4.166.0 are affected.
Secunia is proud to announce the availability of the Secunia Software Inspector.
The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. visits a malicious website.
The vulnerability is confirmed in ICONICS Vessel ActiveX 8.02.140 including DlgWrapper.dll 8.0.138.0.
SOLUTION: Update to DlgWrapper.dll 8.4.166.0 by applying the hotfix: http://www.iconics.com/support/free_tools/FreeToolsActiveX_DlgWrapperHotFix.zip
PROVIDED AND/OR DISCOVERED BY: Will Dormann
ORIGINAL ADVISORY: US-CERT VU#251969: http://www.kb.cert.org/vuls/id/251969
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200612-0248",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dialog wrapper module activex control",
"scope": "lte",
"trust": 1.0,
"vendor": "iconics",
"version": "8.4.165.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iconics",
"version": null
},
{
"model": "dialog wrapper module activex control",
"scope": "lt",
"trust": 0.8,
"vendor": "iconics",
"version": "8.4.166.0"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "dialog wrapper module activex control",
"scope": "eq",
"trust": 0.6,
"vendor": "iconics",
"version": "8.4.165.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "dialog wrapper module activex control",
"version": "*"
},
{
"model": "vessel/gauge/switch activex control",
"scope": "eq",
"trust": 0.3,
"vendor": "iconics",
"version": "8.02.140.0"
},
{
"model": "dlgwrapper.dll",
"scope": "eq",
"trust": 0.3,
"vendor": "iconics",
"version": "8.0.138.0"
},
{
"model": "dialog wrapper module activex control",
"scope": "eq",
"trust": 0.3,
"vendor": "iconics",
"version": "0"
},
{
"model": "dlgwrapper.dll",
"scope": "ne",
"trust": 0.3,
"vendor": "iconics",
"version": "8.4.166.0"
}
],
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#251969"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
},
{
"db": "BID",
"id": "21849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iconics:dialog_wrapper_module_activex_control:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.4.165.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6488"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Will Dormann",
"sources": [
{
"db": "BID",
"id": "21849"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
],
"trust": 0.9
},
"cve": "CVE-2006-6488",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-6488",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "98456900-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-6488",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#251969",
"trust": 0.8,
"value": "9.23"
},
{
"author": "CNNVD",
"id": "CNNVD-200612-721",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#251969"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. ICONICS is a professional company that provides OPC-based visualization software. Failed attempts can crash the host application. \nVersions prior to DlgWrapper.dll 8.4.166.0 are affected. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. visits a malicious website. \n\nThe vulnerability is confirmed in ICONICS Vessel ActiveX 8.02.140\nincluding DlgWrapper.dll 8.0.138.0. \n\nSOLUTION:\nUpdate to DlgWrapper.dll 8.4.166.0 by applying the hotfix:\nhttp://www.iconics.com/support/free_tools/FreeToolsActiveX_DlgWrapperHotFix.zip\n\nPROVIDED AND/OR DISCOVERED BY:\nWill Dormann\n\nORIGINAL ADVISORY:\nUS-CERT VU#251969:\nhttp://www.kb.cert.org/vuls/id/251969\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"db": "CERT/CC",
"id": "VU#251969"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
},
{
"db": "BID",
"id": "21849"
},
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "PACKETSTORM",
"id": "53382"
}
],
"trust": 3.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-6488",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#251969",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "23583",
"trust": 2.6
},
{
"db": "BID",
"id": "21849",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "32552",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-0025",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2007-0011",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "6570",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556",
"trust": 0.8
},
{
"db": "XF",
"id": "31228",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "9823",
"trust": 0.6
},
{
"db": "IVD",
"id": "98456900-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7D7A13-463F-11E9-A5CB-000C29342CB1",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "53382",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#251969"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
},
{
"db": "BID",
"id": "21849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"db": "PACKETSTORM",
"id": "53382"
},
{
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"id": "VAR-200612-0248",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
}
]
},
"last_update_date": "2023-12-18T13:54:06.057000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.iconics.com/home.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6488"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/251969"
},
{
"trust": 1.6,
"url": "http://osvdb.org/32552"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23583"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/21849"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0025"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31228"
},
{
"trust": 0.9,
"url": "http://www.iconics.com/support/free_tools/freetoolsactivex_dlgwrapperhotfix.zip"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/23583/"
},
{
"trust": 0.8,
"url": "http://www.iconics.com/support/free_tools.asp"
},
{
"trust": 0.8,
"url": "http://www.iconics.com/support/readme_file.asp?file=195"
},
{
"trust": 0.8,
"url": "http://www.digitalmunition.com/iconics_dlgwrapper.rb"
},
{
"trust": 0.8,
"url": "http://www.milw0rm.com/exploits/6570"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6488"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6488"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0025"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/31228"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/9823"
},
{
"trust": 0.3,
"url": "http://carnal0wnage.blogspot.com/2008/10/malware-targeting-industrial-control.html"
},
{
"trust": 0.3,
"url": "http://www.iconics.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13097/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13096/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13098/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#251969"
},
{
"db": "BID",
"id": "21849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"db": "PACKETSTORM",
"id": "53382"
},
{
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#251969"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
},
{
"db": "BID",
"id": "21849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"db": "PACKETSTORM",
"id": "53382"
},
{
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-02T00:00:00",
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2007-01-02T00:00:00",
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"date": "2007-01-02T00:00:00",
"db": "CERT/CC",
"id": "VU#251969"
},
{
"date": "2007-01-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-0011"
},
{
"date": "2007-01-02T00:00:00",
"db": "BID",
"id": "21849"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"date": "2007-01-03T23:45:45",
"db": "PACKETSTORM",
"id": "53382"
},
{
"date": "2006-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"date": "2006-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-29T00:00:00",
"db": "CERT/CC",
"id": "VU#251969"
},
{
"date": "2007-01-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-0011"
},
{
"date": "2015-03-19T09:49:00",
"db": "BID",
"id": "21849"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002556"
},
{
"date": "2017-07-29T01:29:33.607000",
"db": "NVD",
"id": "CVE-2006-6488"
},
{
"date": "2007-01-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ICONICS Dialog Wrapper Module ActiveX Control Remote Stack Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2007-0011"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "98456900-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d7a13-463f-11e9-a5cb-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-721"
}
],
"trust": 1.0
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…