Vulnerabilities > CVE-2007-2848 - Buffer Overflow vulnerability in SKY Software Shcombobox Activex Control and Shell Megapack Activex

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

sky-software

critical

NVD

Published: 2007-05-24

Updated: 2017-07-29

Summary

Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Sky_Software SKY Software Shcombobox Activex Control * SKY Software Shell Megapack Activex 8.0	2

References

http://osvdb.org/36581
http://secunia.com/advisories/25269
http://www.securityfocus.com/bid/24113
https://exchange.xforce.ibmcloud.com/vulnerabilities/34458