CVE-2006-6488: Buffer Overflow
First published: Sun Dec 31 2006(Updated: )
Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Iconics Dialog Wrapper Module Activex Control | <=8.4.165.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-6488?
CVE-2006-6488 is classified as a critical vulnerability due to its ability to allow remote attackers to execute arbitrary code.
How do I fix CVE-2006-6488?
To fix CVE-2006-6488, upgrade the Dialog Wrapper Module ActiveX control to version 8.4.166.0 or later.
What type of vulnerability is CVE-2006-6488?
CVE-2006-6488 is a stack-based buffer overflow vulnerability affecting the Dialog Wrapper Module ActiveX control.
Who is affected by CVE-2006-6488?
Users of the ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX that utilize the affected version of the Dialog Wrapper Module are at risk from CVE-2006-6488.
What can an attacker do with CVE-2006-6488?
An attacker exploiting CVE-2006-6488 can execute arbitrary code on the victim's machine by providing specially crafted input.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/iconics
- canonical/iconics dialog wrapper module activex control
- version/iconics dialog wrapper module activex control/8.4.165.0