Lucene search

[email protected]CVE-2007-2820

HistoryMay 22, 2007 - 9:30 p.m.

CVE-2007-2820

2007-05-2221:30:00

[email protected]

web.nvd.nist.gov

cve-2007-2820

ksign

ksignswat

activex

buffer overflow

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.154 Low

EPSS

Percentile

95.9%

JSON

Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SWAT_InitEx, (3) SWAT_InitEx2, (4) SWAT_InitEx3, and (5) SWAT_Login functions.

Affected configurations

NVD

Node

ksignksignswatMatch2.0.3.3

CPENameOperatorVersion
ksign:ksignswatksign ksignswateq2.0.3.3

CPE	Name	Operator	Version
ksign:ksignswat	ksign ksignswat	eq	2.0.3.3

References

marc.info/?l=full-disclosure&m=117981953312669&w=2

osvdb.org/36517

secunia.com/advisories/25357

www.securityfocus.com/bid/24088

www.vupen.com/english/advisories/2007/1901

exchange.xforce.ibmcloud.com/vulnerabilities/34417

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.154 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2007-2820

cvelist1 nvd1 prion1