9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.51 Medium
EPSS
Percentile
97.6%
Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
attrition.org/pipermail/vim/2007-February/001384.html
attrition.org/pipermail/vim/2007-February/001385.html
jvn.jp/cert/JVNVU%23308087/index.html
labs.idefense.com/intelligence/vulnerabilities/display.php?id=479
osvdb.org/33479
secunia.com/advisories/24249
www.jpcert.or.jp/at/2007/at070006.txt
www.kb.cert.org/vuls/id/308087
www.securityfocus.com/bid/22671
www.securityfocus.com/bid/22676
www.securitytracker.com/id?1017692
www.securitytracker.com/id?1017693
www.securitytracker.com/id?1017694
www.vupen.com/english/advisories/2007/0702
download.verisign.co.jp/support/announce/20070216.html
exchange.xforce.ibmcloud.com/vulnerabilities/32639