CVE-2007-2814 – Pegasus ImagN - ActiveX Control Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2814
Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified vectors involving the (2) BeginReport, (3) CreatePictureExA, (4) DefineImage, (5) DefineImageEx, (6) DefineImageFox, (7) CopyBufToClipExA, (8) LoadEx, (9) LoadFox, and other functions. Múltiples desbordamientos de búfer basado en pila en el control ActiveX Pegasus ImagN' (EMW32O40.OCX) 4.00.041 permite a atacantes remotos ejecutar código de su elección mediante (1) un parámetro FileName largo, o vectores no especificados involucrando las funciones (2) BeginReport, (3) CreatePictureExA, (4) DefineImage, (5) DefineImageEx, (6) DefineImageFox, (7) CopyBufToClipExA, (8) LoadEx, (9) LoadFox, y otras. • https://www.exploit-db.com/exploits/3966 http://osvdb.org/36518 http://retrogod.altervista.org/IE_pegasus_imagn_bof.html http://secunia.com/advisories/25351 http://www.securityfocus.com/bid/24086 http://www.vupen.com/english/advisories/2007/1899 https://exchange.xforce.ibmcloud.com/vulnerabilities/34419 •