Vulnerabilities > CVE-2007-3071 - Buffer Overflow vulnerability in Digital River Esellerate SDK 3.6.5.0

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
digital-river
critical
exploit available
NVD
Published: 2007-06-06
Updated: 2017-07-29

Summary

Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument.

Vulnerable Configurations

Part Description Count
Application
Digital_River
1

Exploit-Db

  • descriptionTango DropBox 3.1.5 + PRO - Activex Heap Spray. CVE-2007-3071. Webapps exploit for windows platform
    idEDB-ID:37319
    last seen2016-02-04
    modified2015-06-19
    published2015-06-19
    reportermetacom
    sourcehttps://www.exploit-db.com/download/37319/
    titleTango DropBox 3.1.5 + PRO - Activex Heap Spray
  • descriptioneSellerate SDK 3.6.5 eSellerateControl365.DLL ActiveX Control Buffer Overflow Vulnerability. CVE-2007-3071 . Remote exploit for windows platform
    idEDB-ID:30144
    last seen2016-02-03
    modified2007-06-04
    published2007-06-04
    reportershinnai
    sourcehttps://www.exploit-db.com/download/30144/
    titleeSellerate SDK 3.6.5 eSellerateControl365.DLL ActiveX Control Buffer Overflow Vulnerability

References