Lucene search

[email protected]CVE-2007-5941

HistoryNov 14, 2007 - 1:46 a.m.

CVE-2007-5941

2007-11-1401:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-5941

adobe shockwave

buffer overflow

swctl.swctl

activex

remote code execution

denial of service

8.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

90.0%

JSON

Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method.

CPENameOperatorVersion
adobe:shockwave_playeradobe shockwave playereq*

CPE	Name	Operator	Version
adobe:shockwave_player	adobe shockwave player	eq	*

References

www.securityfocus.com/bid/26388

exchange.xforce.ibmcloud.com/vulnerabilities/38359

www.exploit-db.com/exploits/4613

Social References

8.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

90.0%

JSON

Related for CVE-2007-5941

prion1