Sign-up

ID

VAR-200612-0248


CVE

CVE-2006-6488


TITLE

ICONICS Dialog Wrapper Module ActiveX Control Remote Stack Overflow Vulnerability

Trust: 1.0

sources: IVD: 98456900-2353-11e6-abef-000c29c66e3d // IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // CNVD: CNVD-2007-0011

DESCRIPTION

Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. ICONICS is a professional company that provides OPC-based visualization software. Failed attempts can crash the host application. Versions prior to DlgWrapper.dll 8.4.166.0 are affected. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. visits a malicious website. The vulnerability is confirmed in ICONICS Vessel ActiveX 8.02.140 including DlgWrapper.dll 8.0.138.0. SOLUTION: Update to DlgWrapper.dll 8.4.166.0 by applying the hotfix: http://www.iconics.com/support/free_tools/FreeToolsActiveX_DlgWrapperHotFix.zip PROVIDED AND/OR DISCOVERED BY: Will Dormann ORIGINAL ADVISORY: US-CERT VU#251969: http://www.kb.cert.org/vuls/id/251969 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.6

sources: NVD: CVE-2006-6488 // CERT/CC: VU#251969 // JVNDB: JVNDB-2006-002556 // CNVD: CNVD-2007-0011 // BID: 21849 // IVD: 98456900-2353-11e6-abef-000c29c66e3d // IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // PACKETSTORM: 53382

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 98456900-2353-11e6-abef-000c29c66e3d // IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // CNVD: CNVD-2007-0011

AFFECTED PRODUCTS

vendor:iconicsmodel:dialog wrapper module activex controlscope:lteversion:8.4.165.0

Trust: 1.0

vendor:iconicsmodel: - scope: - version: -

Trust: 0.8

vendor:iconicsmodel:dialog wrapper module activex controlscope:ltversion:8.4.166.0

Trust: 0.8

vendor:nonemodel: - scope: - version: -

Trust: 0.6

vendor:iconicsmodel:dialog wrapper module activex controlscope:eqversion:8.4.165.0

Trust: 0.6

vendor:dialog wrapper module activex controlmodel: - scope:eqversion:*

Trust: 0.4

vendor:iconicsmodel:vessel/gauge/switch activex controlscope:eqversion:8.02.140.0

Trust: 0.3

vendor:iconicsmodel:dlgwrapper.dllscope:eqversion:8.0.138.0

Trust: 0.3

vendor:iconicsmodel:dialog wrapper module activex controlscope:eqversion:0

Trust: 0.3

vendor:iconicsmodel:dlgwrapper.dllscope:neversion:8.4.166.0

Trust: 0.3

sources: IVD: 98456900-2353-11e6-abef-000c29c66e3d // IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // CERT/CC: VU#251969 // CNVD: CNVD-2007-0011 // BID: 21849 // JVNDB: JVNDB-2006-002556 // CNNVD: CNNVD-200612-721 // NVD: CVE-2006-6488

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-6488
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#251969
value: 9.23

Trust: 0.8

NVD: CVE-2006-6488
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200612-721
value: HIGH

Trust: 0.6

IVD: 98456900-2353-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2006-6488
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 98456900-2353-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 98456900-2353-11e6-abef-000c29c66e3d // IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // CERT/CC: VU#251969 // JVNDB: JVNDB-2006-002556 // CNNVD: CNNVD-200612-721 // NVD: CVE-2006-6488

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6488

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200612-721

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 98456900-2353-11e6-abef-000c29c66e3d // IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // CNNVD: CNNVD-200612-721

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-002556

PATCH
title:Top Pageurl:http://www.iconics.com/Home.aspx
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-002556

EXTERNAL IDS
db:NVDid:CVE-2006-6488
Trust: 3.7
db:CERT/CCid:VU#251969
Trust: 3.3
db:SECUNIAid:23583
Trust: 2.6
db:BIDid:21849
Trust: 1.9
db:VUPENid:ADV-2007-0025
Trust: 1.6
db:OSVDBid:32552
Trust: 1.6
db:CNVDid:CNVD-2007-0011
Trust: 1.0
db:CNNVDid:CNNVD-200612-721
Trust: 1.0
db:EXPLOIT-DBid:6570
Trust: 0.8
db:JVNDBid:JVNDB-2006-002556
Trust: 0.8
db:XFid:31228
Trust: 0.6
db:NSFOCUSid:9823
Trust: 0.6
db:IVDid:98456900-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:7D7D7A13-463F-11E9-A5CB-000C29342CB1
Trust: 0.2
db:PACKETSTORMid:53382
Trust: 0.1
sources:
            
            
            IVD: 98456900-2353-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 7d7d7a13-463f-11e9-a5cb-000c29342cb1 // 
            
            
            
            CERT/CC: VU#251969 // 
            
            
            
            CNVD: CNVD-2007-0011 // 
            
            
            
            BID: 21849 // 
            
            
            
            JVNDB: JVNDB-2006-002556 // 
            
            
            
            PACKETSTORM: 53382 // 
            
            
            
            CNNVD: CNNVD-200612-721 // 
            
            
            
            NVD: CVE-2006-6488

REFERENCES
url:http://www.kb.cert.org/vuls/id/251969
Trust: 2.5
url:http://secunia.com/advisories/23583
Trust: 1.6
url:http://osvdb.org/32552
Trust: 1.6
url:http://www.securityfocus.com/bid/21849
Trust: 1.6
url:http://www.vupen.com/english/advisories/2007/0025
Trust: 1.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/31228
Trust: 1.0
url:http://www.iconics.com/support/free_tools/freetoolsactivex_dlgwrapperhotfix.zip
Trust: 0.9
url:http://secunia.com/advisories/23583/
Trust: 0.9
url:http://www.iconics.com/support/free_tools.asp
Trust: 0.8
url:http://www.iconics.com/support/readme_file.asp?file=195
Trust: 0.8
url:http://www.digitalmunition.com/iconics_dlgwrapper.rb
Trust: 0.8
url:http://www.milw0rm.com/exploits/6570
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6488
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6488
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2007/0025
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/31228
Trust: 0.6
url:http://www.nsfocus.net/vulndb/9823
Trust: 0.6
url:http://carnal0wnage.blogspot.com/2008/10/malware-targeting-industrial-control.html
Trust: 0.3
url:http://www.iconics.com/
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/software_inspector/
Trust: 0.1
url:http://secunia.com/product/13097/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/product/13096/
Trust: 0.1
url:http://secunia.com/product/13098/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#251969 // 
            
            
            
            BID: 21849 // 
            
            
            
            JVNDB: JVNDB-2006-002556 // 
            
            
            
            PACKETSTORM: 53382 // 
            
            
            
            CNNVD: CNNVD-200612-721 // 
            
            
            
            NVD: CVE-2006-6488

CREDITS
Will Dormann
Trust: 0.9
sources:
            
            
            BID: 21849 // 
            
            
            
            CNNVD: CNNVD-200612-721

SOURCES
db:IVDid:98456900-2353-11e6-abef-000c29c66e3d
db:IVDid:7d7d7a13-463f-11e9-a5cb-000c29342cb1
db:CERT/CCid:VU#251969
db:CNVDid:CNVD-2007-0011
db:BIDid:21849
db:JVNDBid:JVNDB-2006-002556
db:PACKETSTORMid:53382
db:CNNVDid:CNNVD-200612-721
db:NVDid:CVE-2006-6488

LAST UPDATE DATE
2025-04-10T23:24:27.103000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#251969date:2009-10-29T00:00:00
db:CNVDid:CNVD-2007-0011date:2007-01-02T00:00:00
db:BIDid:21849date:2015-03-19T09:49:00
db:JVNDBid:JVNDB-2006-002556date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200612-721date:2007-01-03T00:00:00
db:NVDid:CVE-2006-6488date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:IVDid:98456900-2353-11e6-abef-000c29c66e3ddate:2007-01-02T00:00:00
db:IVDid:7d7d7a13-463f-11e9-a5cb-000c29342cb1date:2007-01-02T00:00:00
db:CERT/CCid:VU#251969date:2007-01-02T00:00:00
db:CNVDid:CNVD-2007-0011date:2007-01-02T00:00:00
db:BIDid:21849date:2007-01-02T00:00:00
db:JVNDBid:JVNDB-2006-002556date:2012-09-25T00:00:00
db:PACKETSTORMid:53382date:2007-01-03T23:45:45
db:CNNVDid:CNNVD-200612-721date:2006-12-31T00:00:00
db:NVDid:CVE-2006-6488date:2006-12-31T05:00:00