Lucene search

[email protected]CVE-2007-4903

HistorySep 17, 2007 - 4:17 p.m.

CVE-2007-4903

2007-09-1716:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

buffer overflow

activex control

cryptox.dll

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.148 Low

EPSS

Percentile

95.8%

JSON

Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method.

Affected configurations

NVD

Node

ultra_sharewareultra_crypto_componentMatch2.0.2007.801

CPENameOperatorVersion
ultra_shareware:ultra_crypto_componentultra shareware ultra crypto componenteq2.0.2007.801

CPE	Name	Operator	Version
ultra_shareware:ultra_crypto_component	ultra shareware ultra crypto component	eq	2.0.2007.801

References

osvdb.org/38979

www.securityfocus.com/bid/25609

www.securitytracker.com/id?1018674

exchange.xforce.ibmcloud.com/vulnerabilities/36524

www.exploit-db.com/exploits/4389

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.148 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2007-4903

checkpoint_advisories1 prion1 cvelist1 nvd1