Lucene search

[email protected]CVE-2007-2563

HistoryMay 09, 2007 - 6:19 p.m.

CVE-2007-2563

2007-05-0918:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2563

buffer overflow

versalsoft

http file upload

activex control

ufileuploaderd.dll

remote code execution

nvd

8.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.153 Low

EPSS

Percentile

95.8%

JSON

Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attackers to execute arbitrary code via a long argument.

CPENameOperatorVersion
versalsoft:http_file_upload_activex_controlversalsoft http file upload activex controleq*

CPE	Name	Operator	Version
versalsoft:http_file_upload_activex_control	versalsoft http file upload activex control	eq	*

References

moaxb.blogspot.com/2007/05/moaxb-07-versalsoft-http-file-uploader.html

osvdb.org/34339

secunia.com/advisories/25156

www.securityfocus.com/bid/23853

www.shinnai.altervista.org/moaxb/20070507/ufile.txt

www.vupen.com/english/advisories/2007/1672

exchange.xforce.ibmcloud.com/vulnerabilities/34123

8.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.153 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2007-2563

prion1