Hummingbird HostExplorer ActiveX Control BOF Vulnerability

Summary
This host has Hummingbird HostExplorer ActiveX Control installed and is prone to stack based buffer overflow vulnerability. The flaw is due to error in Hummingbird.XWebHostCtrl.1 ActiveX control in hclxweb.dll file when handling the 'PlainTextPassword' function, which can be exploited by assigning an overly long string.
Impact
Successful exploitation will allow execution arbitrary code, and deny the service. Impact Level: Application
Solution
Update to HostExplorer 2008 http://connectivity.hummingbird.com/products/nc/he/index.html
Affected
Hummingbird HostExplorer versions prior to 2008 on Windows (all)
References

Updated on 2017-03-28