Vulnerabilities > CVE-2007-2588 - Denial of Service vulnerability in Office OCX Office Viewer OCX 3.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) HttpDownloadFile, (2) Open, (3) OpenWebFile, (4) DoOleCommand, (5) FTPDownloadFile, (6) FTPUploadFile, (7) HttpUploadFile, (8) Save, or (9) SaveWebFile function. Failed exploit attempts will likely result in a browser-level denial of service condition.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Office Viewer OCX 3.2.0.5 Multiple Methods Denial of Service Exploit. CVE-2007-2588. Dos exploit for windows platform |
id | EDB-ID:3845 |
last seen | 2016-01-31 |
modified | 2007-05-04 |
published | 2007-05-04 |
reporter | shinnai |
source | https://www.exploit-db.com/download/3845/ |
title | Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit |
References
- http://moaxb.blogspot.com/2007/05/moaxb-04-office-viewer-oaocx-v-32.html
- http://osvdb.org/34335
- http://secunia.com/advisories/25143
- http://www.securityfocus.com/bid/23811
- http://www.shinnai.altervista.org/moaxb/20070504/oa.txt
- http://www.vupen.com/english/advisories/2007/1664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34067