Vulnerability Details CVE-2007-0443
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.135
EPSS Ranking 93.9%
CVSS Severity
CVSS v2 Score 9.3
References
- http://osvdb.org/34327
- http://secunia.com/advisories/22924
- http://www.gracenote.com/corporate/FAQs.html/faqset=update/page=0
- http://www.securityfocus.com/archive/1/466403/100/0/threaded
- http://www.securityfocus.com/bid/23567
- http://www.securitytracker.com/id?1017937
- http://www.vupen.com/english/advisories/2007/1475
- http://www.zerodayinitiative.com/advisories/ZDI-07-021.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33773
- http://osvdb.org/34327
- http://secunia.com/advisories/22924
- http://www.gracenote.com/corporate/FAQs.html/faqset=update/page=0
- http://www.securityfocus.com/archive/1/466403/100/0/threaded
- http://www.securityfocus.com/bid/23567
- http://www.securitytracker.com/id?1017937
- http://www.vupen.com/english/advisories/2007/1475
- http://www.zerodayinitiative.com/advisories/ZDI-07-021.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33773
Products affected by CVE-2007-0443
-
cpe:2.3:a:gracenote:cddbcontrol_activex_control:*