Vulnerability Description
Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sky Software | Shcombobox Activex Control | All versions |
| Sky Software | Shell Megapack Activex | 8.0 |
References
- http://osvdb.org/36581
- http://secunia.com/advisories/25269Vendor Advisory
- http://www.securityfocus.com/bid/24113
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34458
- http://osvdb.org/36581
- http://secunia.com/advisories/25269Vendor Advisory
- http://www.securityfocus.com/bid/24113
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34458
FAQ
What is CVE-2007-2848?
CVE-2007-2848 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a l...
How severe is CVE-2007-2848?
CVE-2007-2848 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2848?
Check the references section above for vendor advisories and patch information. Affected products include: Sky Software Shcombobox Activex Control, Sky Software Shell Megapack Activex.