Detections
Analytics

CVE-2007-1083

critical

Description

Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32639

https://download.verisign.co.jp/support/announce/20070216.html

http://www.vupen.com/english/advisories/2007/0702

http://www.securitytracker.com/id?1017694

http://www.securitytracker.com/id?1017693

http://www.securitytracker.com/id?1017692

http://www.securityfocus.com/bid/22676

http://www.securityfocus.com/bid/22671

http://www.kb.cert.org/vuls/id/308087

http://www.jpcert.or.jp/at/2007/at070006.txt

http://secunia.com/advisories/24249

http://osvdb.org/33479

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479

http://jvn.jp/cert/JVNVU%23308087/index.html

http://attrition.org/pipermail/vim/2007-February/001385.html

http://attrition.org/pipermail/vim/2007-February/001384.html

Details

Source: Mitre, NVD

Published: 2007-02-23

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical