SolarWinds Application Monitor TSUnicodeGraphEditorControl factory Buffer Overflow Exploit

The specific flaw exists within the 'factory' object's loadExtensionFactory method. The issue lies in a failure to validate the size of an attacker-supplied input before copying it into a fixed-size buffer on the stack. An attacker can leverage this vulnerability to execute code under the context of the current process.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2015-1500
Product Version: 
2014_R2
Released Date: 
Thursday, February 19, 2015 - 00:00