Vulnerability Details CVE-2007-1403
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.246
EPSS Ranking 95.9%
CVSS Severity
CVSS v2 Score 7.5
Products affected by CVE-2007-1403
-
cpe:2.3:a:macromedia:shockwave:10.1.4.20