Lucene search

[email protected]CVE-2007-4821

HistorySep 11, 2007 - 7:17 p.m.

CVE-2007-4821

2007-09-1119:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4821

buffer overflow

officeviewer.ocx

edraw office viewer component 5.2

arbitrary code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.211 Low

EPSS

Percentile

96.4%

JSON

Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169.

Affected configurations

NVD

Node

edrawoffice_viewer_componentMatch5.2

CPENameOperatorVersion
edraw:office_viewer_componentedraw office viewer componenteq5.2

CPE	Name	Operator	Version
edraw:office_viewer_component	edraw office viewer component	eq	5.2

References

osvdb.org/38832

www.securityfocus.com/bid/25593

www.exploit-db.com/exploits/4373

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.211 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2007-4821

nvd4 prion4 cvelist4 nessus2 cve3