CVE-2007-2919

Name of the Vulnerable Software and Affected Versions E-Book Systems FlipViewer versions prior to 4.1

Description The issue is related to multiple stack-based buffer overflows in the FViewerLoading ActiveX control. This can be exploited by remote attackers to cause a denial of service or execute arbitrary code via long properties, including UID, Opf, PAGENO, LaunchMode, SubID, BookID, LibraryID, SubURL, and LoadOpf.

Recommendations For versions prior to 4.1, update to version 4.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the FViewerLoading ActiveX control until a patch is applied. Avoid using long values for the vulnerable properties, such as UID, Opf, PAGENO, LaunchMode, SubID, BookID, LibraryID, SubURL, and LoadOpf, in the affected ActiveX control.