VDB
CVE-2006-6488
CVE-2006-6488
PUBLISHED
CVSS 7.5 HIGH
Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument.
EPSS 29.59% · 96.7th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
29.59%
96.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| iconics | dialog_wrapper_module_activex_control | 0 |
| n/a | n/a | n/a |
Timeline
- Dec 31, 2006 CVE Published
- Sep 24, 2008 PoC Published
- Sep 25, 2008 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jun 7, 2023 EPSS Score
References
- 21849 vdb
- VU#251969 third-party-advisory
- 32552 vdb
- dialogwrapper-activex-bo(31228) vdb
- 23583 third-party-advisory
- ADV-2007-0025 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2006-6488 advisory