CVE-2007-2820

Name of the Vulnerable Software and Affected Versions KSign KSignSWAT ActiveX Control version 2.0.3.3

Description The issue is related to multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control. This can be exploited by remote attackers to execute arbitrary code via long arguments to certain functions, including (1) SWAT Init(), (2) SWAT InitEx(), (3) SWAT InitEx2(), (4) SWAT InitEx3(), and (5) SWAT Login().

Recommendations For version 2.0.3.3, as a temporary workaround, consider disabling the SWAT Init(), SWAT InitEx(), SWAT InitEx2(), SWAT InitEx3(), and SWAT Login() functions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.