Lucene search

[email protected]CVE-2007-4816

HistorySep 11, 2007 - 7:17 p.m.

CVE-2007-4816

2007-09-1119:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2007

4816

buffer overflows

baofeng2

activex control

mps.dll

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.359 Low

EPSS

Percentile

97.2%

JSON

Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) isDVDPath or (6) rawParse method; or (7) a .smpl file with a long path attribute in an item element in a PlayList.

Affected configurations

NVD

Node

baofengstormMatch2.8

baofengstormMatch2.9

CPENameOperatorVersion
baofeng:stormbaofeng stormeq2.8
baofeng:stormbaofeng stormeq2.9

CPE	Name	Operator	Version
baofeng:storm	baofeng storm	eq	2.8
baofeng:storm	baofeng storm	eq	2.9

References

osvdb.org/40491

secunia.com/advisories/26749

www.milw0rm.com/sploits/09082007-storm.zip

www.securityfocus.com/bid/25601

www.vupen.com/english/advisories/2007/3111

exchange.xforce.ibmcloud.com/vulnerabilities/36540

exchange.xforce.ibmcloud.com/vulnerabilities/36542

exchange.xforce.ibmcloud.com/vulnerabilities/36543

www.exploit-db.com/exploits/4375

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.359 Low

EPSS

Percentile

97.2%

JSON

Related for CVE-2007-4816

cvelist2 prion2 nvd2 cve1