A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.
Add your gear to cvedb and we'll alert you only when gigasoft ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.