PT-2007-6945 · Componentone · Componentone Flexgrid

Elazar Broad · Published 2007-11-20 · Updated 2017-07-29 · CVE-2007-6028

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

ComponentOne FlexGrid version 7.1 Light

Description

The issue consists of multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control. Remote attackers can exploit them by supplying a long string in the Text, EditSelText, EditText, and CellFontName property values, potentially leading to a denial of service and possibly the execution of arbitrary code.

Recommendations

For ComponentOne FlexGrid version 7.1 Light, to prevent potential exploitation, consider disabling the VSFlexGrid.VSFlexGridL ActiveX control until a patch is available. Avoid using long strings in the Text, EditSelText, EditText, and CellFontName property values to minimize the risk of triggering the buffer overflows.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2007-6028

Affected Products

Componentone Flexgrid