Lucene search

[email protected]CVE-2007-6699

HistoryFeb 04, 2008 - 11:00 p.m.

CVE-2007-6699

2008-02-0423:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

buffer overflow

aim piceditor

activex control

denial of service

ygppicedit.dll

aol you've got pictures

ygp picture editor

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You’ve Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser crash) via a long string in the (1) DisplayName, (2) FinalSavePath, (3) ForceSaveTo, (4) HiddenControls, (5) InitialEditorScreen, (6) Locale, (7) Proxy, and (8) UserAgent property values.

Affected configurations

NVD

Node

aolygp_piceditor_activex_controlMatch9.5.1.8

CPENameOperatorVersion
aol:ygp_piceditor_activex_controlaol ygp piceditor activex controleq9.5.1.8

CPE	Name	Operator	Version
aol:ygp_piceditor_activex_control	aol ygp piceditor activex control	eq	9.5.1.8

References

osvdb.org/41198

seclists.org/fulldisclosure/2007/Dec/0561.html

seclists.org/fulldisclosure/2007/Dec/0574.html

www.securityfocus.com/bid/27026

www.securitytracker.com/id?1019143

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Related for CVE-2007-6699

cvelist1 prion1 nvd1