Intrusion Prevention

Ademco.ATNBaseLoader100.ActiveX.Control.Buffer.Overflow

Description

A buffer overflow vulnerability has been identified in Ademco ATNBaseLoader100 ActiveX control because the application fails to check user supplied data before copying it into an insufficiently sized buffer. This can lead to the overwriting of arbitrary data.
Successful exploiting this issue allows remote attackers to execute arbitrary code in the context of the application by enticing victims to visit a malicious web page.

Affected Products

Honeywell Ademco ATNBaseLoader100 ActiveX Control 5.4 .6

Impact

Arbitrary code execution.

Recommended Actions

Currently we are not aware of any official supplied fix for this issue.

CVE References

CVE-2007-2938