CVE-2007-4034

🗓️ 27 Jul 2007 22:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 58 Views🌐 WEB

CVE-2007-4034 Stack-based buffer overflow in Yahoo! Installer Plugin for Widgets ActiveX contro

Reporter	Title	Published	Views	Family All 12
Check Point Advisories	Yahoo! Widgets YDP ActiveX Control Buffer Overflow (CVE-2007-4034)	10 Sep 200700:00	–	checkpoint_advisories
Cvelist	CVE-2007-4034	27 Jul 200722:00	–	cvelist
Exploit DB	Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow Vulnerability	27 Jul 200700:00	–	exploitdb
Kaspersky	KLA10408 ACE vulnerability in Yahoo! Widgets	27 Jul 200700:00	–	kaspersky
NVD	CVE-2007-4034	27 Jul 200722:30	–	nvd
Prion	Stack overflow	27 Jul 200722:30	–	prion
Saint	Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow	3 Aug 200700:00	–	saint
Saint	Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow	3 Aug 200700:00	–	saint
Saint	Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow	3 Aug 200700:00	–	saint
Saint	Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow	3 Aug 200700:00	–	saint

NVD

Node

yahoo widgetsRange≤4.0.5

Source	Link
secunia	www.secunia.com/advisories/26011
kb	www.kb.cert.org/vuls/id/120760
securitytracker	www.securitytracker.com/id
help	www.help.yahoo.com/l/us/yahoo/widgets/security/security-08.html
securityfocus	www.securityfocus.com/bid/25086
osvdb	www.osvdb.org/37705
vupen	www.vupen.com/english/advisories/2007/2679

Parameter	Position	Path	Description	CWE
buffer	nested	ActiveX/YDPCTL.dll/GetComponentVersion	Remote buffer overflow via long argument to GetComponentVersion in Yahoo! Widgets Engine ActiveX control (YDPCTL.dll).	CWE-119

23 Apr 2026 00:35Current

7.8High risk

Vulners AI Score7.8

CVSS 29.3

EPSS0.31223