PT-2007-5940 · Transperfect · Globallink

Void

Published 2007-09-11 · Updated 2017-09-29 · CVE-2007-4802

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: GlobalLink version 2.7.0.8
Description: The issue is related to multiple heap-based buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved through a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.
Recommendations: For GlobalLink version 2.7.0.8, consider disabling the SetInfo and SetClientInfo methods in the affected ActiveX controls until a patch is available. Restrict access to the glItemCom.dll and glitemflat.dll modules to minimize the risk of exploitation. Avoid using long arguments in the SetInfo and SetClientInfo methods until the issue is resolved.

Exploit

Fix

Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2007-4802

Affected Products

Globallink