Vulnerabilities > CVE-2007-2938

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

honeywell

exploit available

NVD

Published: 2007-05-31

Updated: 2021-07-23

Summary

Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, and possibly the (2) SetLoginID, (3) AddSite, (4) SetScreen, and (5) SetVideoServer methods.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6	1
Application	Honeywell Honeywell Ademco Atnbaseloader100 Module 5.4.0.6	1

Exploit-Db

description	IE 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit. CVE-2007-2938. Remote exploit for windows platform
file	exploits/windows/remote/3993.html
id	EDB-ID:3993
last seen	2016-01-31
modified	2007-05-26
platform	windows
port
published	2007-05-26
reporter	rgod
source	https://www.exploit-db.com/download/3993/
title	Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote BoF Exploit
type	remote

Vulnerabilities > CVE-2007-2938 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2007-2938"}]}

Summary

Vulnerable Configurations

Exploit-Db

References

Vulnerabilities > CVE-2007-2938