On 1 October 2008, a vulnerability has been identified in some GdPicture Toolkits, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by GdPicture ActiveX controls including the SaveAsPDF() method which could be exploited by attackers to create malicious files on a vulnerable system and execute arbitrary code by tricking a user into visiting a specially crafted web page.
This error has been fixed the 2 October 2008.
The GdPicture Toolkits which included this vulnerability are:
- GdPicture Light Imaging Toolkit
- GdPicture Pro Imaging SDK
- GdTwain ActiveX
- GdTwain Pro SDK
Fixed edition of these Toolkits can be download for free from this link: http://www.gdpicture.com/softwares.php
More informations about this vulnerability from:
http://governmentsecurity.org/forum/ind ... e=threaded
Who is online
Users browsing this forum: No registered users and 3 guests