Vulnerabilities > CVE-2007-2588 - Denial of Service vulnerability in Office OCX Office Viewer OCX 3.2

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
office-ocx
critical
exploit available

Summary

Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) HttpDownloadFile, (2) Open, (3) OpenWebFile, (4) DoOleCommand, (5) FTPDownloadFile, (6) FTPUploadFile, (7) HttpUploadFile, (8) Save, or (9) SaveWebFile function. Failed exploit attempts will likely result in a browser-level denial of service condition.

Vulnerable Configurations

Part Description Count
Application
Office_Ocx
1

Exploit-Db

descriptionOffice Viewer OCX 3.2.0.5 Multiple Methods Denial of Service Exploit. CVE-2007-2588. Dos exploit for windows platform
idEDB-ID:3845
last seen2016-01-31
modified2007-05-04
published2007-05-04
reportershinnai
sourcehttps://www.exploit-db.com/download/3845/
titleOffice Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit