Vulnerabilities > CVE-2007-2526 - Denial of Service vulnerability in Smartcode VNC Manager 3.6
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Heap-based buffer overflow in the ConnectAsyncEx function in VNC Viewer ActiveX control (scvncctrl.dll) in the SmartCode VNC Manager 3.6 allows remote attackers to execute arbitrary code via a long argument.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | SmartCode VNC Manager 3.6 (scvncctrl.dll) Denial of Service Exploit. CVE-2007-2526. Dos exploit for windows platform |
| file | exploits/windows/dos/3873.html |
| id | EDB-ID:3873 |
| last seen | 2016-01-31 |
| modified | 2007-05-08 |
| platform | windows |
| port | |
| published | 2007-05-08 |
| reporter | shinnai |
| source | https://www.exploit-db.com/download/3873/ |
| title | SmartCode VNC Manager 3.6 scvncctrl.dll Denial of Service Exploit |
| type | dos |
References
- http://moaxb.blogspot.com/2007/05/moaxb-08-smartcode-vnc-manager-36.html
- http://osvdb.org/34340
- http://secunia.com/advisories/25203
- http://www.exploit-db.com/exploits/3873
- http://www.securityfocus.com/bid/23869
- http://www.shinnai.altervista.org/moaxb/20070508/scvncctrl.txt
- http://www.vupen.com/english/advisories/2007/1704
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34149