Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Agent ActiveX buffer overflow
updated since 11.09.2007
Published:12.09.2007
Source:
SecurityVulns ID:8136
Type:client
Threat Level:
6/10
Description:Buffer overflow on oversized URL.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
CVE:CVE-2007-3040 (Stack-based buffer overflow in the Agent.Control function in Microsoft Agent ActiveX control (agentdpv.dll) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL, a different issue than CVE-2007-1205.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 09.11.07: Microsoft Windows 2000 Agent URL Canonicalizing Stack Based Buffer Overflow Vulnerability (12.09.2007)
 documentVR-Subscription-noreply_(at)_assurent.com, Assurent VR - Microsoft Agent Crafted URL Stack Buffer Overflow (11.09.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-051 - Critical Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827) (11.09.2007)
Files:Microsoft Security Bulletin MS07-051 - Critical Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod