CVE-2007-3071

Published: 06/06/2007 Updated: 29/07/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote malicious users to execute arbitrary code via a long first argument.

Vulnerable Product

digital river esellerate sdk 3.6.5.0

Exploits

source: www.securityfocus.com/bid/24300/info
eSellerate SDK ActiveX control is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context o ...
<HTML> <BODY> <input language=JavaScript onclick=Tryme() type=button value="Launch Calc"> <object id=boom classid="clsid:{C915F573-4C11-4968-9080-29E611FDBE9F}"></object> <br>Tango DropBox Activex Heap Spray Exploit</br> <br>Version:315 + PRO</br> <br>The vulnerability lies in the CO ...