CVE-2007-2623 - Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers t

CVE-2007-2623

Summary

Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via (1) a long first argument to the connect function or (2) a long InternalServer property value, possibly involving ntdll.dll.

References

Vulnerable Configurations

cpe:2.3:a:fruit2004:remote_display_development_kit:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:fruit2004:remote_display_development_kit:1.2.10:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 11-10-2017 - 01:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	23914
exploit-db	3891
misc	http://moaxb.blogspot.com/2007/05/moaxb-10-rcontroldll-v-1210-denial-of.html http://www.shinnai.altervista.org/moaxb/20070510/rControl.txt
osvdb	36022
xf	remoteddk-rcontrol-bo(34231)

Last major update

11-10-2017 - 01:32

Published

11-05-2007 - 16:19

Last modified

11-10-2017 - 01:32