Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4145

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4145
Last Modified 05 Sep 2008 05:27:31
Published 03 Aug 2007 04:17:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4145

Summary

Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the second argument to the ConnecttoServer method.

Vulnerable Systems

Application

  • Blueskychat 8.1.2.0


References

XF - blueskychat-v2-bo(35699)

MISC - http://www.vulnhunt.com/advisories/CAL-20070730-1_BlueSkyCat_v2.ocx_ActiveX_remote_heap_overflow_vulnerability_en.txt

BID - 25149

BUGTRAQ - 20070731 CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability

MISC - http://codeaudit.blogspot.com/

SREASON - 2959


Last Updated: 27 May 2016 10:45:46