PT-2007-3942 · Microsoft · Internet Explorer

Shinnai

Publicado

2007-05-11

Atualizado

2017-10-11

CVE-2007-2623

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Remote Display Dev kit version 1.2.1.0

Description The issue is related to multiple buffer overflows in RControl.dll, which can be exploited by remote attackers to cause a denial of service, specifically crashing Internet Explorer 7. This can be achieved by providing a long first argument to the connect function or a long InternalServer property value.

Recommendations For Remote Display Dev kit version 1.2.1.0, consider disabling the connect function or restricting the length of the InternalServer property value to prevent the buffer overflow and subsequent denial of service.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2623

Produtos afetados

Internet Explorer

PT-2007-3942 · Microsoft · Internet Explorer

CVE-2007-2623

Identificadores relacionados

Produtos afetados

Referências · 7