← back
CVE-2007-6699

CVE-2007-6699

EPSS 4.5%
Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser crash) via a long string in the (1) DisplayName, (2) FinalSavePath, (3) ForceSaveTo, (4) HiddenControls, (5) InitialEditorScreen, (6) Locale, (7) Proxy, and (8) UserAgent property values.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/30936unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/41198http://seclists.org/fulldisclosure/2007/Dec/0561.htmlhttp://seclists.org/fulldisclosure/2007/Dec/0574.htmlhttp://www.securityfocus.com/bid/27026http://www.securitytracker.com/id?1019143