What the vulnerability does

01Description

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.

Key dates

02Disclosure timeline

October 2, 2018 CVE published
September 17, 2024 Record updated