Full title: InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Overflow 
Category: remote exploits
Platform: windows
This Metasploit module exploits a heap overflow found in InduSoft Web Studio <= 61.6.00.00 SP6. The overflow exists in the ISSymbol.ocx, and can be triggered with a long string argument for the InternationalSeparator() method of the ISSymbol control. This Metasploit modules uses the msvcr71.dll form the Java JRE6 to bypass ASLR.

# 0day.today @ http://0day.today/