UCanCode E-XD Visualization Enterprise Suite UCCDRAW AddStringUserProperty Untrusted Pointer Dereference Exploit

The specific flaw exists within processing of the AddStringUserProperty method within the UCCDRAW.UCCDrawCtrl.1 ActiveX control. The process does not properly validate a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
Exploit type: 
Vulnerabilty ID: 
Product Version: 
Released Date: 
Wednesday, June 28, 2017 - 19:00