SID 12413
Msg
"WEB-ACTIVEX Earth Resource Mapper NCSView ActiveX clsid access"
Summary
This event is generated when an attempt is made to exploit a known vulnerability in Earth Resource Mapping application.
Classtype
attempted-user
Impact
Unknown.
Detailed Information
Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
Affected Systems
- 1
Ease Of Attack
Simple.
False Positives
None known.
False Negatives
None known.
Corrective Action
Upgrade to the latest non-affected version of the software.
Apply the appropriate vendor supplied patches.
Contributors
- Sourcefire Vulnerability Research Team
- This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology.
- For more information see http://nvd.nist.gov/
