Lucene search

[email protected]CVE-2007-2648

HistoryMay 14, 2007 - 9:19 p.m.

CVE-2007-2648

2007-05-1421:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2648

buffer overflow

clever database comparer

activex control

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.22 Low

EPSS

Percentile

96.5%

JSON

Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function.

Affected configurations

NVD

Node

clever_componentsclever_database_comparerMatch2.2

CPENameOperatorVersion
clever_components:clever_database_comparerclever components clever database comparereq2.2

CPE	Name	Operator	Version
clever_components:clever_database_comparer	clever components clever database comparer	eq	2.2

References

moaxb.blogspot.com/2007/05/moaxb-14-clever-database-comparer.html

osvdb.org/36019

secunia.com/advisories/25227

www.securityfocus.com/bid/23969

www.shinnai.altervista.org/moaxb/20070514/clever.html

www.vupen.com/english/advisories/2007/1792

exchange.xforce.ibmcloud.com/vulnerabilities/34261

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.22 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-2648

prion1 cvelist1 nvd1