CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-0174

Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ActiveX Control in Sina UC2006 and earlier allow remote attackers to execute arbitrary code via a long string in the (1) astrVerion parameter to the SendChatRoomOpt function or (2) the astrDownDir parameter to the SendDownLoadFile function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.062

EPSS Ranking 90.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=full-disclosure&m=116832852700467&w=2
http://osvdb.org/32659
http://secunia.com/advisories/23638
http://secway.org/advisory/ad20070109EN.txt
http://www.securityfocus.com/archive/1/456378/100/0/threaded
http://www.securityfocus.com/bid/21958
http://www.vupen.com/english/advisories/2007/0093
https://exchange.xforce.ibmcloud.com/vulnerabilities/31348
https://exchange.xforce.ibmcloud.com/vulnerabilities/31350
http://marc.info/?l=full-disclosure&m=116832852700467&w=2
http://osvdb.org/32659
http://secunia.com/advisories/23638
http://secway.org/advisory/ad20070109EN.txt
http://www.securityfocus.com/archive/1/456378/100/0/threaded
http://www.securityfocus.com/bid/21958
http://www.vupen.com/english/advisories/2007/0093
https://exchange.xforce.ibmcloud.com/vulnerabilities/31348
https://exchange.xforce.ibmcloud.com/vulnerabilities/31350

Products affected by CVE-2007-0174

Sina » Sina » Version: uc2006

cpe:2.3:a:sina:sina:uc2006

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0174

Products

Pricing

Contact Us