Vulnerabilities > CVE-2007-0356 - Remote Denial of Service vulnerability in FolderTreeView ActiveX Control

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

common-controls-replacement-project

microsoft

exploit available

NVD

Published: 2007-01-19

Updated: 2017-10-19

Summary

The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value.

Vulnerable Configurations

Part	Description	Count
Application	Common_Controls_Replacement_Project Common Controls Replacement Project Foldertreeview Activex Control *	1
Application	Microsoft Microsoft IE 7.0	1

Exploit-Db

description	CCRP Folder Treeview Control (ccrpftv6.ocx) IE Denial of Service Exploit. CVE-2007-0356. Dos exploit for windows platform
file	exploits/windows/dos/3142.html
id	EDB-ID:3142
last seen	2016-01-31
modified	2007-01-17
platform	windows
port
published	2007-01-17
reporter	shinnai
source	https://www.exploit-db.com/download/3142/
title	CCRP Folder Treeview Control ccrpftv6.ocx - IE Denial of Service Exploit
type	dos

Summary

Vulnerable Configurations

Exploit-Db

References