PT-2007-4794 · Amx · Amxvnc

Rgod

Published

2007-07-03

Updated

2017-09-29

CVE-2007-3536

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AmxVnc.dll version 1.0.13.0

Description The issue is related to multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control. Remote attackers can execute arbitrary code by providing long values for certain properties, including Host, Password, or LogFile.

Recommendations For AmxVnc.dll version 1.0.13.0, consider restricting the use of the AmxVnc ActiveX control until a patch is available. As a temporary workaround, limit the length of input values for the Host, Password, and LogFile properties to prevent buffer overflows.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-3536

Affected Products

Amxvnc

PT-2007-4794 · Amx · Amxvnc

CVE-2007-3536

Related Identifiers

Affected Products

References · 7