Lucene search

MitreCVE-2007-2585

HistoryMay 10, 2007 - 12:19 a.m.

CVE-2007-2585

2007-05-1000:19:00

mitre

web.nvd.nist.gov

cve-2007-2585

barcodewiz

activex control

buffer overflow

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.224

Percentile

96.5%

JSON

Stack-based buffer overflow in the Verify function in the BarCodeWiz ActiveX control 2.0 and 2.52 (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument.

Affected configurations

Nvd

Node

barcodewizbarcode_activex_controlMatch2.0

barcodewizbarcode_activex_controlMatch2.52

VendorProductVersionCPE
barcodewizbarcode_activex_control2.0cpe:2.3:a:barcodewiz:barcode_activex_control:2.0:*:*:*:*:*:*:*
barcodewizbarcode_activex_control2.52cpe:2.3:a:barcodewiz:barcode_activex_control:2.52:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
barcodewiz	barcode_activex_control	2.0	cpe:2.3:a:barcodewiz:barcode_activex_control:2.0:::::::*
barcodewiz	barcode_activex_control	2.52	cpe:2.3:a:barcodewiz:barcode_activex_control:2.52:::::::*

References

moaxb.blogspot.com/2007/05/moaxb-09-barcodewiz-activex-control-20.html

osvdb.org/35869

secunia.com/advisories/25209

www.securityfocus.com/bid/23891

www.shinnai.altervista.org/moaxb/20070509/barcodewiz.txt

www.vupen.com/english/advisories/2007/1728

exchange.xforce.ibmcloud.com/vulnerabilities/34180

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.224

Percentile

96.5%

JSON

Related for CVE-2007-2585