PT-2007-6207 · Eb Design · Ebcrypt

Shinnai

Published

2007-09-26

Updated

2017-09-29

CVE-2007-5111

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions EB Design ebCrypt version 2.0

Description The issue concerns a certain ActiveX control in EBCRYPT.DLL, which allows remote attackers to cause a denial of service, resulting in a crash. This can be achieved by providing a string argument to the AddString method.

Recommendations For version 2.0, consider disabling the AddString method as a temporary workaround until a patch is available. Restrict access to the EBCRYPT.DLL module to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-5111

Affected Products

Ebcrypt

PT-2007-6207 · Eb Design · Ebcrypt

CVE-2007-5111

Related Identifiers

Affected Products

References · 6