Vulnerability Description
Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Digital River | Esellerate Sdk | 3.6.5.0 |
References
- http://osvdb.org/38803
- http://www.securityfocus.com/bid/24300Exploit
- http://www.shinnai.altervista.org/exploits/esellerate.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35003
- http://osvdb.org/38803
- http://www.securityfocus.com/bid/24300Exploit
- http://www.shinnai.altervista.org/exploits/esellerate.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35003
FAQ
What is CVE-2007-3071?
CVE-2007-3071 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a ...
How severe is CVE-2007-3071?
CVE-2007-3071 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3071?
Check the references section above for vendor advisories and patch information. Affected products include: Digital River Esellerate Sdk.