Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4105

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-4105
Last Modified 07 Mar 2011 09:57:48
Published 31 Jul 2007 06:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4105

Summary

A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.

Vulnerable Systems

Application

  • Baidu Soba Search Bar 5.4


References

MISC - http://www.fortiguardcenter.com/advisory/FGA-2007-10.html

VUPEN - ADV-2007-2699

SECUNIA - 26256

XF - baidu-baidubar-code-execution(35692)

BID - 25121

BUGTRAQ - 20070802 Baidu Soba Remote Code Execute Vulnerability(FGA-2007-10)


Last Updated: 27 May 2016 10:45:46