PT-2007-4195 · Lead Technologies · Leadtools Raster Dialog File D Object

Published

2007-05-30

Updated

2017-07-29

CVE-2007-2895

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions LeadTools Raster Dialog File Object version 14.5.0.44

Description The issue is related to a buffer overflow in a certain ActiveX control in LTRDF14e.DLL, which allows remote attackers to execute arbitrary code via a long Directory property value.

Recommendations For version 14.5.0.44, consider disabling the affected ActiveX control until a patch is available. Restrict access to the Directory property to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2895

Affected Products

Leadtools Raster Dialog File D Object

PT-2007-4195 · Lead Technologies · Leadtools Raster Dialog File D Object

CVE-2007-2895

Related Identifiers

Affected Products

References · 9