Vulnerabilities > CVE-2007-0371 - Denial of Service vulnerability in BrowseDialog ActiveX Control CCRPBDS6.DLL

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

common-controls-replacement-project

exploit available

NVD

Published: 2007-01-19

Updated: 2017-10-19

Summary

A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value.

Vulnerable Configurations

Part	Description	Count
Application	Common_Controls_Replacement_Project Common Controls Replacement Project Browsedialog Server *	1

Exploit-Db

description	BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service. CVE-2007-0371. Dos exploit for windows platform
file	exploits/windows/dos/3155.html
id	EDB-ID:3155
last seen	2016-01-31
modified	2007-01-18
platform	windows
port
published	2007-01-18
reporter	shinnai
source	https://www.exploit-db.com/download/3155/
title	BrowseDialog Class ccrpbds6.dll Internet Explorer 7 - Denial of Service
type	dos

Summary

Vulnerable Configurations

Exploit-Db

References