Vulnerabilities > CVE-2007-2938
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, and possibly the (2) SetLoginID, (3) AddSite, (4) SetScreen, and (5) SetVideoServer methods.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
Exploit-Db
description | IE 6 / Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit. CVE-2007-2938. Remote exploit for windows platform |
file | exploits/windows/remote/3993.html |
id | EDB-ID:3993 |
last seen | 2016-01-31 |
modified | 2007-05-26 |
platform | windows |
port | |
published | 2007-05-26 |
reporter | rgod |
source | https://www.exploit-db.com/download/3993/ |
title | Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote BoF Exploit |
type | remote |