Lucene search

MitreCVE-2007-2827

HistoryMay 22, 2007 - 9:30 p.m.

CVE-2007-2827

2007-05-2221:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-2827

buffer overflow

lead technologies

leadtools isis

activex control

ltisi14e.ocx

code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.238

Percentile

96.7%

JSON

Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property.

Affected configurations

Nvd

Node

lead_technologiesleadtools_isis_activex_controlRange≤14.5.0.44

VendorProductVersionCPE
lead_technologiesleadtools_isis_activex_control*cpe:2.3:a:lead_technologies:leadtools_isis_activex_control:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lead_technologies	leadtools_isis_activex_control	*	cpe:2.3:a:lead_technologies:leadtools_isis_activex_control::::::::

References

moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html

osvdb.org/36032

secunia.com/advisories/25349

www.securityfocus.com/bid/24093

www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html

www.vupen.com/english/advisories/2007/1900

exchange.xforce.ibmcloud.com/vulnerabilities/34437

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.238

Percentile

96.7%

JSON

Related for CVE-2007-2827