Lucene search

[email protected]CVE-2007-3071

HistoryJun 06, 2007 - 10:30 a.m.

CVE-2007-3071

2007-06-0610:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3071

buffer overflow

esellerate sdk

activex control

remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.035 Low

EPSS

Percentile

91.7%

JSON

Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument.

Affected configurations

NVD

Node

digital_riveresellerate_sdkMatch3.6.5.0

CPENameOperatorVersion
digital_river:esellerate_sdkdigital river esellerate sdkeq3.6.5.0

CPE	Name	Operator	Version
digital_river:esellerate_sdk	digital river esellerate sdk	eq	3.6.5.0

References

osvdb.org/38803

www.securityfocus.com/bid/24300

www.shinnai.altervista.org/exploits/esellerate.html

exchange.xforce.ibmcloud.com/vulnerabilities/35003

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.035 Low

EPSS

Percentile

91.7%

JSON

Related for CVE-2007-3071

prion1 nvd1 cvelist1