Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer before 4.1 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMode, (5) SubID, (6) BookID, (7) LibraryID, (8) SubURL, and (9) LoadOpf properties.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Flipviewer | E-book_systems | * | 4.0 (including) |
References
- http://osvdb.org/37042
- http://secunia.com/advisories/25568
- http://www.kb.cert.org/vuls/id/449089
- http://www.securityfocus.com/bid/24328
- http://www.vupen.com/english/advisories/2007/2081
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34742
- http://osvdb.org/37042
- http://secunia.com/advisories/25568
- http://www.kb.cert.org/vuls/id/449089
- http://www.securityfocus.com/bid/24328
- http://www.vupen.com/english/advisories/2007/2081
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34742