Vulnerabilities > CVE-2007-1162 - Buffer Overflow vulnerability in BrowseDialog ActiveX Control CCRPBDS6.DLL

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
common-controls-replacement-project
exploit available

Summary

A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) IsFolderAvailable or (2) RootFolder property value, different vectors than CVE-2007-0371.

Vulnerable Configurations

Part Description Count
Application
Common_Controls_Replacement_Project
1

Exploit-Db

descriptionBrowseDialog Class (ccrpbds6.dll) Multiple Methods DoS Exploit. CVE-2007-1162. Dos exploit for windows platform
fileexploits/windows/dos/3350.html
idEDB-ID:3350
last seen2016-01-31
modified2007-02-21
platformwindows
port
published2007-02-21
reportershinnai
sourcehttps://www.exploit-db.com/download/3350/
titleBrowseDialog Class ccrpbds6.dll Multiple Methods DoS Exploit
typedos