Vulnerabilities > CVE-2007-2918 - Unspecified vulnerability in Logitech Videocall

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
logitech
exploit available
metasploit

Summary

Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote attackers to cause a denial of service (browser crash) and execute arbitrary code via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Logitech
1

Exploit-Db

descriptionLogitech VideoCall ActiveX Control Buffer Overflow. CVE-2007-2918. Remote exploit for windows platform
idEDB-ID:16511
last seen2016-02-02
modified2010-05-09
published2010-05-09
reportermetasploit
sourcehttps://www.exploit-db.com/download/16511/
titleLogitech VideoCall ActiveX Control Buffer Overflow

Metasploit

descriptionThis module exploits a stack buffer overflow in the Logitech VideoCall ActiveX Control (wcamxmp.dll 2.0.3470.448). By sending an overly long string to the "Start()" method, an attacker may be able to execute arbitrary code.
idMSF:EXPLOIT/WINDOWS/BROWSER/LOGITECHVIDEOCALL_START
last seen2020-02-29
modified2017-09-09
published2007-07-01
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2918
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/logitechvideocall_start.rb
titleLogitech VideoCall ActiveX Control Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82977/logitechvideocall_start.rb.txt
idPACKETSTORM:82977
last seen2016-12-05
published2009-11-26
reporterMC
sourcehttps://packetstormsecurity.com/files/82977/Logitech-VideoCall-ActiveX-Control-Buffer-Overflow.html
titleLogitech VideoCall ActiveX Control Buffer Overflow