Vulnerability Description
Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gdata | Antivirus | 2007 |
Related Weaknesses (CWE)
References
- http://osvdb.org/42476
- http://securityreason.com/securityalert/3219
- http://www.eleytt.com/advisories/eleytt_GDATA2007_1.pdfVendor Advisory
- http://www.securityfocus.com/archive/1/482021/100/0/threaded
- http://www.securityfocus.com/bid/26008
- http://osvdb.org/42476
- http://securityreason.com/securityalert/3219
- http://www.eleytt.com/advisories/eleytt_GDATA2007_1.pdfVendor Advisory
- http://www.securityfocus.com/archive/1/482021/100/0/threaded
- http://www.securityfocus.com/bid/26008
FAQ
What is CVE-2007-5436?
CVE-2007-5436 is a vulnerability with a CVSS score of 7.6 (HIGH). Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath funct...
How severe is CVE-2007-5436?
CVE-2007-5436 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5436?
Check the references section above for vendor advisories and patch information. Affected products include: Gdata Antivirus.