← voltar
CVE-2007-4034

CVE-2007-4034

EPSS 13.0%
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/4250não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.htmlhttp://osvdb.org/37705http://secunia.com/advisories/26011http://www.kb.cert.org/vuls/id/120760http://www.securityfocus.com/bid/25086http://www.securitytracker.com/id?1018470http://www.vupen.com/english/advisories/2007/2679