CVE-2007-2848
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Desbordamiento de búfer basado en pila en la función SetPath del control ActiveX shComboBox (shcmb80.ocx) del Sky Software Shell MegaPack ActiveX 8.0 permite a atacantes remotos ejecutar código de su elección mediante un argumento largo. NOTA: la procedencia de esta información es desconocida; los detalles se obtienen a partir de la información de terceros.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-05-24 CVE Reserved
- 2007-05-24 CVE Published
- 2024-02-18 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/36581 | Vdb Entry | |
| http://www.securityfocus.com/bid/24113 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34458 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/25269 | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sky Software Search vendor "Sky Software" | Shcombobox Activex Control Search vendor "Sky Software" for product "Shcombobox Activex Control" | * | - |
Affected
| ||||||
| Sky Software Search vendor "Sky Software" | Shell Megapack Activex Search vendor "Sky Software" for product "Shell Megapack Activex" | 8.0 Search vendor "Sky Software" for product "Shell Megapack Activex" and version "8.0" | - |
Affected
| ||||||