Lucene search

[email protected]CVE-2007-4472

HistorySep 06, 2007 - 10:17 p.m.

CVE-2007-4472

2007-09-0622:17:00

CWE-119

[email protected]

web.nvd.nist.gov

buffer overflow

broderbund

expressit

activex

code execution

vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.081 Low

EPSS

Percentile

94.4%

JSON

Multiple buffer overflows in the Broderbund Expressit 3DGreetings Player ActiveX control could allow remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

broderbundexpressit_3dgreetings_player

CPENameOperatorVersion
broderbund:expressit_3dgreetings_playerbroderbund expressit 3dgreetings playereq*

CPE	Name	Operator	Version
broderbund:expressit_3dgreetings_player	broderbund expressit 3dgreetings player	eq	*

References

osvdb.org/37779

secunia.com/advisories/26717

www.kb.cert.org/vuls/id/574401

www.securityfocus.com/bid/25564

www.vupen.com/english/advisories/2007/3074

exchange.xforce.ibmcloud.com/vulnerabilities/36472

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.081 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2007-4472

nvd1 cert1 nessus1 cvelist1 prion1