Lucene search

[email protected]CVE-2007-2771

HistoryMay 21, 2007 - 9:30 p.m.

CVE-2007-2771

2007-05-2121:30:00

[email protected]

web.nvd.nist.gov

cve-2007-2771

stack-based buffer overflow

lead technologies

leadtools

jpeg 2000

activex

arbitrary code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.631 Medium

EPSS

Percentile

97.9%

JSON

Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG 2000 LEADJ2K.LEADJ2K.140 ActiveX control (LTJ2K14.ocx) 14.5.0.35 allows remote attackers to execute arbitrary code via a long BitmapDataPath property.

Affected configurations

NVD

Node

lead_technologiesleadtools_jpeg_2000Match14.5.0.35

CPENameOperatorVersion
lead_technologies:leadtools_jpeg_2000lead technologies leadtools jpeg 2000eq14.5.0.35

CPE	Name	Operator	Version
lead_technologies:leadtools_jpeg_2000	lead technologies leadtools jpeg 2000	eq	14.5.0.35

References

moaxb.blogspot.com/2007/05/moaxb-18-leadtools-jpeg-2000-com.html

osvdb.org/36026

secunia.com/advisories/25313

www.kb.cert.org/vuls/id/440112

www.securityfocus.com/bid/24040

www.shinnai.altervista.org/moaxb/20070518/leadtxt.html

www.vupen.com/english/advisories/2007/1868

exchange.xforce.ibmcloud.com/vulnerabilities/34367

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.631 Medium

EPSS

Percentile

97.9%

JSON

Related for CVE-2007-2771

prion1 cvelist1 nvd1