ID CVE-2007-2919
Summary Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer before 4.1 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMode, (5) SubID, (6) BookID, (7) LibraryID, (8) SubURL, and (9) LoadOpf properties.
References
Vulnerable Configurations
  • cpe:2.3:a:e-book_systems:flipviewer:4.0
    cpe:2.3:a:e-book_systems:flipviewer:4.0
CVSS
Base: 9.3 (as of 07-06-2007 - 22:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description FlipViewer FViewerLoading ActiveX Control Buffer Overflow. CVE-2007-2919. Remote exploit for windows platform
id EDB-ID:16601
last seen 2016-02-02
modified 2010-06-15
published 2010-06-15
reporter metasploit
source https://www.exploit-db.com/download/16601/
title FlipViewer FViewerLoading ActiveX Control Buffer Overflow
metasploit via4
description This module exploits a stack buffer overflow in E-BOOK Systems FlipViewer 4.0. The vulnerability is caused due to a boundary error in the FViewerLoading (FlipViewerX.dll) ActiveX control when handling the "LoadOpf()" method.
id MSF:EXPLOIT/WINDOWS/BROWSER/EBOOK_FLIPVIEWER_FVIEWERLOADING
last seen 2019-03-30
modified 2017-11-08
published 2009-03-02
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb
title FlipViewer FViewerLoading ActiveX Control Buffer Overflow
nessus via4
NASL family Windows
NASL id FLIPVIEWER_ACTIVEX_41_OVERFLOWS.NASL
description The Windows remote host contains the FlipViewer ActiveX control, which is used for viewing electronic documents. The version of this ActiveX control on the remote host reportedly contains multiple stack-based buffer overflow vulnerabilities. A remote attacker may be able to leverage these issues to execute arbitrary code on the remote host subject to the privileges of the current user.
last seen 2019-02-21
modified 2018-07-11
plugin id 25442
published 2007-06-07
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=25442
title FlipViewer ActiveX Control < 4.1 Buffer Overflow Vulnerabilities
packetstorm via4
data source https://packetstormsecurity.com/files/download/83113/ebook_flipviewer_fviewerloading.rb.txt
id PACKETSTORM:83113
last seen 2016-12-05
published 2009-11-26
reporter LSO
source https://packetstormsecurity.com/files/83113/FlipViewer-FViewerLoading-ActiveX-Control-Buffer-Overflow.html
title FlipViewer FViewerLoading ActiveX Control Buffer Overflow
refmap via4
bid 24328
cert-vn VU#449089
osvdb 37042
secunia 25568
vupen ADV-2007-2081
xf flipviewer-fviewerloading-bo(34742)
Last major update 30-10-2012 - 22:36
Published 06-06-2007 - 18:30
Last modified 28-07-2017 - 21:31
Back to Top