Vulnerabilities > CVE-2007-2494 - Denial of Service vulnerability in Office OCX PowerPoint Viewer ActiveX
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple stack-based buffer overflows in the PowerPointOCX ActiveX control in PowerPointViewer.ocx 3.1.0.3 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) Save, (6) SaveWebFile, (7) HttpDownloadFile, (8) Open, or (9) OpenWebFile property value. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit. CVE-2007-2494. Dos exploit for windows platform |
| file | exploits/windows/dos/3826.html |
| id | EDB-ID:3826 |
| last seen | 2016-01-31 |
| modified | 2007-05-01 |
| platform | windows |
| port | |
| published | 2007-05-01 |
| reporter | shinnai |
| source | https://www.exploit-db.com/download/3826/ |
| title | PowerPoint Viewer OCX 3.2 ActiveX Control Denial of Service Exploit |
| type | dos |
References
- http://moaxb.blogspot.com/2007/05/moaxb-01-powerpointviewerocx-31.html
- http://osvdb.org/34332
- http://secunia.com/advisories/25092
- http://www.securityfocus.com/bid/23733
- http://www.vupen.com/english/advisories/2007/1612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34013
- https://www.exploit-db.com/exploits/3826