Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5722

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5722
Last Modified 06 Jan 2011 12:00:00
Published 30 Oct 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5722

Summary

Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.8, as used in Ourgame GLWorld and possibly other products, allows remote attackers to execute arbitrary code via a long first argument to the ConnectAndEnterRoom method, possibly involving the GLCHAT.GLChatCtrl.1 control, as originally exploited in the wild in October 2007. NOTE: some of these details are obtained from third party information. NOTE: this was originally reported as a heap-based issue by some sources.

Vulnerable Systems

Application

  • Ourgame.com Globallink


References

XF - ourgame-glworld-glchatctrl-bo(38222)

BID - 26244

SECUNIA - 27500

OSVDB - 38837


Last Updated: 27 May 2016 10:46:14