Lucene search

[email protected]CVE-2007-4802

HistorySep 11, 2007 - 6:17 p.m.

CVE-2007-4802

2007-09-1118:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4802

globallink

buffer overflow

remote code execution

activex control

glitemcom.dll

glitemflat.dll

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.236 Low

EPSS

Percentile

96.6%

JSON

Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.

Affected configurations

NVD

Node

ourgame.comgloballinkMatch2.7.0.8

CPENameOperatorVersion
ourgame.com:globallinkourgame.com globallinkeq2.7.0.8

CPE	Name	Operator	Version
ourgame.com:globallink	ourgame.com globallink	eq	2.7.0.8

References

osvdb.org/45886

osvdb.org/45887

www.securityfocus.com/bid/25565

www.securityfocus.com/bid/25586

exchange.xforce.ibmcloud.com/vulnerabilities/36470

exchange.xforce.ibmcloud.com/vulnerabilities/36501

www.exploit-db.com/exploits/4366

www.exploit-db.com/exploits/4372

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.236 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2007-4802

cvelist1 nvd1 prion1