Lucene search

[email protected]CVE-2007-2210

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2210

2007-04-2420:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

netsprint ask ie toolbar

activex control

cve-2007-2210

denial of service

buffer overflow

nvd

7.7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.054 Low

EPSS

Percentile

93.0%

JSON

A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar 1.1 allows remote attackers to cause a denial of service (Internet Explorer crash) via a long AddAllowed property value, related to “improper memory handling,” possibly a buffer overflow.

CPENameOperatorVersion
netsprint:ask_ie_toolbarnetsprint ask ie toolbareq1.1

CPE	Name	Operator	Version
netsprint:ask_ie_toolbar	netsprint ask ie toolbar	eq	1.1

References

osvdb.org/35413

securityreason.com/securityalert/2604

www.securityfocus.com/archive/1/466022/100/100/threaded

www.securityfocus.com/bid/23535

7.7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.054 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2007-2210

prion1