Public exploit · Metasploit Module

Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control

Published Rocco Calvi

Exploit summary

A stack-based buffer overflow in the ImageViewer2.OCX ActiveX control exploited via an overly long argument to the TifMergeMultiFiles() method, enabling code execution with user privileges. The module bypasses DEP and ASLR protections on Windows XP IE8, Vista, and Windows 7.

Source & references