Vulnerability Details CVE-2007-1083
Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.282
EPSS Ranking 96.2%
CVSS Severity
CVSS v2 Score 9.3
References
- http://attrition.org/pipermail/vim/2007-February/001384.html
- http://attrition.org/pipermail/vim/2007-February/001385.html
- http://jvn.jp/cert/JVNVU%23308087/index.html
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479
- http://osvdb.org/33479
- http://secunia.com/advisories/24249
- http://www.jpcert.or.jp/at/2007/at070006.txt
- http://www.kb.cert.org/vuls/id/308087
- http://www.securityfocus.com/bid/22671
- http://www.securityfocus.com/bid/22676
- http://www.securitytracker.com/id?1017692
- http://www.securitytracker.com/id?1017693
- http://www.securitytracker.com/id?1017694
- http://www.vupen.com/english/advisories/2007/0702
- https://download.verisign.co.jp/support/announce/20070216.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32639
- http://attrition.org/pipermail/vim/2007-February/001384.html
- http://attrition.org/pipermail/vim/2007-February/001385.html
- http://jvn.jp/cert/JVNVU%23308087/index.html
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479
- http://osvdb.org/33479
- http://secunia.com/advisories/24249
- http://www.jpcert.or.jp/at/2007/at070006.txt
- http://www.kb.cert.org/vuls/id/308087
- http://www.securityfocus.com/bid/22671
- http://www.securityfocus.com/bid/22676
- http://www.securitytracker.com/id?1017692
- http://www.securitytracker.com/id?1017693
- http://www.securitytracker.com/id?1017694
- http://www.vupen.com/english/advisories/2007/0702
- https://download.verisign.co.jp/support/announce/20070216.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32639
Products affected by CVE-2007-1083
-
cpe:2.3:a:verisign:mpki:*
-
cpe:2.3:a:verisign:mpki:4.6.1
-
cpe:2.3:a:verisign:mpki:5.0
-
cpe:2.3:a:verisign:mpki:6.0
-
cpe:2.3:a:verisign:mpki:7.0