CVE-2007-3536 - Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 all

CVE-2007-3536

Summary

Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 allow remote attackers to execute arbitrary code via long (1) Host, (2) Password, or (3) LogFile property values.

References

http://osvdb.org/37672
http://secunia.com/advisories/25891
http://www.securityfocus.com/bid/24703
http://www.vupen.com/english/advisories/2007/2387
https://exchange.xforce.ibmcloud.com/vulnerabilities/35155
https://www.exploit-db.com/exploits/4123

Vulnerable Configurations

cpe:2.3:a:amx:netlinx_vnc_activex_control:1.0.13.0:*:*:*:*:*:*:*
cpe:2.3:a:amx:netlinx_vnc_activex_control:1.0.13.0:*:*:*:*:*:*:*

CVSS

Base:	7.6 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:H/Au:N/C:C/I:C/A:C

refmap via4

bid	24703
exploit-db	4123
osvdb	37672
secunia	25891
vupen	ADV-2007-2387
xf	amxnetlinx-hostpasswordlogfile-bo(35155)

Last major update

29-09-2017 - 01:29

Published

03-07-2007 - 20:30

Last modified

29-09-2017 - 01:29