
THREATINT
PUBLISHED

CVE-2013-10057

Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow



Description

A stack-based buffer overflow vulnerability exists in the Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically in its ConnectToSynactis method. When a long string is passed to this method (the string is intended to populate the ldCmdLine argument of a WinExec call), a strcpy operation overwrites a saved TRegistry class pointer on the stack. This allows remote attackers to execute arbitrary code in the context of the current user by enticing them to visit a malicious webpage that instantiates the vulnerable ActiveX control. The vulnerability was discovered via its use in third-party software such as Logic Print 2013.

Reserved 2025-08-01 | Published 2025-08-01 | Updated 2025-08-01 | Assigner VulnCheck


HIGH: 7.5 | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-121 Stack-based Buffer Overflow

CWE-94 Improper Control of Generation of Code ('Code Injection')

Product status

Default status: unaffected

Version *: affected

Credits

h1ch4m (finder)

References

raw.githubusercontent.com/...nactis_connecttosynactis_bof.rb (exploit)

www.exploit-db.com/exploits/25835 (exploit)

www.fortiguard.com/...-box-connecttosynactic-buffer-overflow (third-party advisory)

www.synactis.com/pdf-in-the-box.htm (product)

www.vulncheck.com/...ctosynactic-stack-based-buffer-overflow (third-party advisory)

cve.org (CVE-2013-10057)

nvd.nist.gov (CVE-2013-10057)

https://cve.threatint.eu/CVE/CVE-2013-10057