VDB

CVE-2006-6488

CVE-2006-6488 PUBLISHED CVSS 7.5 HIGH

Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument.

EPSS 29.59% · 96.7th percentile

Risk Scores

CVSS 2.0
7.5
EPSS Score
29.59%
96.7th percentile

Affected Products

VendorProductVersions
iconicsdialog_wrapper_module_activex_control0
n/an/an/a

Timeline

  • Dec 31, 2006 CVE Published
  • Sep 24, 2008 PoC Published
  • Sep 25, 2008 PoC Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jun 7, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›