Lucene search

[email protected]CVE-2007-2585

HistoryMay 10, 2007 - 12:19 a.m.

CVE-2007-2585

2007-05-1000:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2585

barcodewiz

activex control

buffer overflow

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.224 Low

EPSS

Percentile

96.5%

JSON

Stack-based buffer overflow in the Verify function in the BarCodeWiz ActiveX control 2.0 and 2.52 (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument.

Affected configurations

NVD

Node

barcodewizbarcode_activex_controlMatch2.0

barcodewizbarcode_activex_controlMatch2.52

CPENameOperatorVersion
barcodewiz:barcode_activex_controlbarcodewiz barcode activex controleq2.0
barcodewiz:barcode_activex_controlbarcodewiz barcode activex controleq2.52

CPE	Name	Operator	Version
barcodewiz:barcode_activex_control	barcodewiz barcode activex control	eq	2.0
barcodewiz:barcode_activex_control	barcodewiz barcode activex control	eq	2.52

References

moaxb.blogspot.com/2007/05/moaxb-09-barcodewiz-activex-control-20.html

osvdb.org/35869

secunia.com/advisories/25209

www.securityfocus.com/bid/23891

www.shinnai.altervista.org/moaxb/20070509/barcodewiz.txt

www.vupen.com/english/advisories/2007/1728

exchange.xforce.ibmcloud.com/vulnerabilities/34180

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.224 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-2585

prion1 cvelist1 nvd1