CVE-2007-4816
BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflows (PoC)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) isDVDPath or (6) rawParse method; or (7) a .smpl file with a long path attribute in an item element in a PlayList.
Múltiples desbordamientos de búfer en el control ActiveX BaoFeng2 storm en Mps.dll permiten a atacantes remotos tener impacto desconocido mediante un valor largo de (1) URL, (2) la propiedad backImage, o (3) la propiedad titleImage; (4) un primer argumento largo para el método advancedOpen; un argumento largo para el método (5)isDVDPath o (6)rawParse; o (7) un archivo .smpl con un atributo path (ruta) largo en un elemento item de una lista de reproducción (PlayList).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-09-11 CVE Reserved
- 2007-09-11 CVE Published
- 2024-07-15 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://osvdb.org/40491 | Vdb Entry | |
http://secunia.com/advisories/26749 | Third Party Advisory | |
http://www.vupen.com/english/advisories/2007/3111 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/36540 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/36542 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/36543 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/4375 | 2024-08-07 | |
http://www.milw0rm.com/sploits/09082007-storm.zip | 2024-08-07 | |
http://www.securityfocus.com/bid/25601 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Baofeng Search vendor "Baofeng" | Storm Search vendor "Baofeng" for product "Storm" | 2.8 Search vendor "Baofeng" for product "Storm" and version "2.8" | - |
Affected
| ||||||
Baofeng Search vendor "Baofeng" | Storm Search vendor "Baofeng" for product "Storm" | 2.9 Search vendor "Baofeng" for product "Storm" and version "2.9" | - |
Affected
|