SigPlus Pro ActiveX Control 'LCDWriteString()' Buffer Overflow Vulnerability

Summary
This host is installed with SigPlus Pro ActiveX Control and is prone to buffer overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code on the system or cause the victim's browser to crash. Impact Level: Application/System
Solution
Upgrade to SigPlus Pro ActiveX control version 3.95 or later, For updates refer to http://www.topazsystems.com/software/download/sigplusactivex.htm
Insight
The flaw is due to a boundary error in SigPlus.ocx when handling the 'HexString' argument passed to the 'LCDWriteString()' method and can be exploited to cause a stack-based buffer overflow via an overly long string.
Affected
SigPlus Pro ActiveX control version 3.74
References