Vulnerabilities > CVE-2008-7122 - Insecure Method And Buffer Overflow vulnerability in Registry Pro 'epRegPro.ocx' ActiveX Control

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

evansprogramming

critical

exploit available

NVD

Published: 2009-08-31

Updated: 2017-09-29

Summary

Multiple insecure method vulnerabilities in an ActiveX control in (epRegPro.ocx) in Evans Programming Registry Pro allow remote attackers to read and modify sensitive registry keys via the (1) About, (2) CreateKey, (3) DeleteBranch, (4) DeleteKey, (5) DeleteValue, (6) EnumKeys, (7) EnumValues, (8) QueryType, (9) QueryValue, (10) RenameKey, and (11) SetValue methods.

Vulnerable Configurations

Part	Description	Count
Application	Evansprogramming Evansprogramming Registry PRO *	1

Exploit-Db

id	EDB-ID:5271

References

http://www.securityfocus.com/bid/28287
https://www.exploit-db.com/exploits/5271