Advantech Webaccess webeye Connect Buffer Overflow Exploit

The specific flaw exists within the Connect method in webeye.ocx module.The control does not check the length of an attacker-supplied string in the Connect method before copying it into a fixed length buffer on the stack. This allows an attacker to execute arbitrary code in the context of the browser process.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2014-8388
Product Version: 
2014_R2
Released Date: 
Wednesday, November 19, 2014 - 00:00