CVE-2007-1682

Name of the Vulnerable Software and Affected Versions SoftArtisans XFile versions prior to 2.4.0

Description The issue is related to multiple stack-based buffer overflows in the FileManager ActiveX control. These overflows can occur via calls to certain methods, including BuildPath(), GetDriveName(), DriveExists(), or DeleteFile(). This can allow remote attackers to execute arbitrary code.

Recommendations For versions prior to 2.4.0, update to version 2.4.0 or later to resolve the issue. As a temporary workaround, consider disabling the FileManager ActiveX control until a patch is available. Restrict access to the BuildPath(), GetDriveName(), DriveExists(), and DeleteFile() methods to minimize the risk of exploitation.