CVE-2007-2856
CVE-2007-2856
Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/3982unverifiedexploitdbwww.exploit-db.com/exploits/3984unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/38111http://retrogod.altervista.org/ie_DartZip_bof.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/34494https://exchange.xforce.ibmcloud.com/vulnerabilities/34520http://www.securityfocus.com/archive/1/469503/100/0/threadedhttp://www.securityfocus.com/archive/1/469592/100/0/threadedhttp://www.securityfocus.com/bid/24142http://www.securityfocus.com/bid/24163