CVE-2007-2848

Name of the Vulnerable Software and Affected Versions Sky Software Shell MegaPack ActiveX version 8.0

Description The issue is related to a stack-based buffer overflow in the SetPath function of the shComboBox ActiveX control. This can be exploited by remote attackers to execute arbitrary code by providing a long argument to the function.

Recommendations For Sky Software Shell MegaPack ActiveX version 8.0, consider disabling the SetPath function in the shComboBox ActiveX control as a temporary workaround until a patch is available. Restrict access to the shcmb80.ocx module to minimize the risk of exploitation. Avoid using long arguments in the SetPath function until the issue is resolved.