Vulnerability Description
Buffer overflow in a certain ActiveX control in DartZipLite.dll 1.8.5.3 in Dart ZipLite Compression for ActiveX allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2856.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dart | Dart Ziplite Compression | 1.8.5.3 |
Related Weaknesses (CWE)
References
- http://moaxb.blogspot.com/2007/05/moaxb-22-bonus-dart-ziplite-compression.html
- http://osvdb.org/38110
- http://shinnai.altervista.org/viewtopic.php?id=42&t_id=25Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34433
- http://moaxb.blogspot.com/2007/05/moaxb-22-bonus-dart-ziplite-compression.html
- http://osvdb.org/38110
- http://shinnai.altervista.org/viewtopic.php?id=42&t_id=25Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34433
FAQ
What is CVE-2007-2855?
CVE-2007-2855 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in a certain ActiveX control in DartZipLite.dll 1.8.5.3 in Dart ZipLite Compression for ActiveX allows user-assisted remote attackers to execute arbitrary code via a long first argumen...
How severe is CVE-2007-2855?
CVE-2007-2855 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2855?
Check the references section above for vendor advisories and patch information. Affected products include: Dart Dart Ziplite Compression.