Vulnerability Description
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Macromedia | Shockwave | 10.1.4.20 |
References
- http://osvdb.org/36005
- http://www.securityfocus.com/bid/22842
- https://www.exploit-db.com/exploits/3421
- http://osvdb.org/36005
- http://www.securityfocus.com/bid/22842
- https://www.exploit-db.com/exploits/3421
FAQ
What is CVE-2007-1403?
CVE-2007-1403 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly ...
How severe is CVE-2007-1403?
CVE-2007-1403 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1403?
Check the references section above for vendor advisories and patch information. Affected products include: Macromedia Shockwave.