Lucene search

[email protected]CVE-2007-2827

HistoryMay 22, 2007 - 9:30 p.m.

CVE-2007-2827

2007-05-2221:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-2827

buffer overflow

lead technologies

leadtools isis

activex control

ltisi14e.ocx

code execution

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.242 Low

EPSS

Percentile

96.5%

JSON

Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property.

CPENameOperatorVersion
lead_technologies:leadtools_isis_activex_controllead technologies leadtools isis activex controlle14.5.0.44

CPE	Name	Operator	Version
lead_technologies:leadtools_isis_activex_control	lead technologies leadtools isis activex control	le	14.5.0.44

References

moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html

osvdb.org/36032

secunia.com/advisories/25349

www.securityfocus.com/bid/24093

www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html

www.vupen.com/english/advisories/2007/1900

exchange.xforce.ibmcloud.com/vulnerabilities/34437

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.242 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-2827

prion2 cve1