Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3071
HistoryMar 21, 2008 - 12:00 a.m.

BusinessObjects RptViewerAX ActiveX控件栈溢出漏洞

2008-03-2100:00:00
Root
www.seebug.org
13

EPSS

0.033

Percentile

91.3%

JSON

BUGTRAQ ID: 28292
CVE(CAN) ID: CVE-2007-6254

Business Objects是全球领先的商务智能平台。

Business Objects产品所安装的RptViewerAX ActiveX控件(RptViewerAX.dll)中存在栈溢出漏洞,如果用户受骗访问了恶意网页并向该控件传送了超长参数的话,就可能触发这个溢出,导致执行任意指令。

Business Objects BusinessObjects 6.5
Business Objects

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://support.businessobjects.com/downloads/service_packs/default.asp” target=“_blank”>http://support.businessobjects.com/downloads/service_packs/default.asp</a>


                                                *&nbsp;在IE中禁用RptViewerAX&nbsp;ActiveX控件,为以下CLSID设置kill&nbsp;bit:

{B20D9D6A-0DEC-4d76-9BEF-175896006B4A}

或者将以下文本保存为.REG文件并导入:

Windows&nbsp;Registry&nbsp;Editor&nbsp;Version&nbsp;5.00

[HKEY_LO

Related

cert 1
nvd 1
prion 1
cvelist 1
cve 1
cert
cert
BusinessObjects RptViewerAX ActiveX control stack buffer overflow
2008-03-18 00:00:00
nvd
nvd
CVE-2007-6254
2008-03-20 00:44:00
prion
prion
Stack overflow
2008-03-20 00:44:00
cvelist
cvelist
CVE-2007-6254
2008-03-20 00:00:00
cve
cve
CVE-2007-6254
2008-03-20 00:44:00

EPSS

0.033

Percentile

91.3%

JSON
Related for SSV:3071
cert1nvd1prion1cvelist1cve1