Published: 30/11/2007 Updated: 15/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote malicious users to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bitdefender online anti-virus scanner 8.0

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- BitDefender OScan8ocx / Oscan81ocx ActiveX Exploit =-=-=-=-=-=-=-=-=-=-=-=-PRIVATE! NOT PUBLIC!=-=-=-=-=-=-=-=-=-=-=-=- researcheeyecom/html/advisories/published/AD20071120html secuniacom/advisories/27717/ This works not 100% - it corrupts rando ...

CWE-119 http://research.eeye.com/html/advisories/published/AD20071120.html http://securitytracker.com/id?1018986 http://secunia.com/advisories/27717 http://securityreason.com/securityalert/3405 http://www.vupen.com/english/advisories/2007/3935 https://www.exploit-db.com/exploits/4663 http://www.securityfocus.com/archive/1/483986/100/100/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/4663/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-6189

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect