CVE-2007-0443

Опубликовано: 24 апр. 2007

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.

Ссылки

http://osvdb.org/34327
http://secunia.com/advisories/22924
Patch
Vendor Advisory
http://www.gracenote.com/corporate/FAQs.html/faqset=update/page=0
http://www.securityfocus.com/archive/1/466403/100/0/threaded
http://www.securityfocus.com/bid/23567
Patch
http://www.securitytracker.com/id?1017937
http://www.vupen.com/english/advisories/2007/1475
http://www.zerodayinitiative.com/advisories/ZDI-07-021.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33773
http://osvdb.org/34327
http://secunia.com/advisories/22924
Patch
Vendor Advisory
http://www.gracenote.com/corporate/FAQs.html/faqset=update/page=0
http://www.securityfocus.com/archive/1/466403/100/0/threaded
http://www.securityfocus.com/bid/23567
Patch
http://www.securitytracker.com/id?1017937
http://www.vupen.com/english/advisories/2007/1475
http://www.zerodayinitiative.com/advisories/ZDI-07-021.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33773

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gracenote:cddbcontrol_activex_control:*:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13949

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-w5fp-6rfc-2rq2

github

почти 4 года назад