Vulnerability CVE-2007-2918


Published: 2007-05-31   Modified: 2012-02-12

Description:
Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote attackers to cause a denial of service (browser crash) and execute arbitrary code via unspecified vectors.

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Logitech -> Videocall 

 References:
http://www.kb.cert.org/vuls/id/330289
http://www.vupen.com/english/advisories/2007/2018
http://www.securityfocus.com/bid/24254
http://osvdb.org/36824
http://osvdb.org/36823
http://osvdb.org/36822
http://osvdb.org/36821
http://osvdb.org/36820
http://xforce.iss.net/xforce/xfdb/34658
http://secunia.com/advisories/25514

Copyright 2024, cxsecurity.com

 

Back to Top