CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1722

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1550%
EPSS Percentile40.27th
PublishedMar 28, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in the DownloadCertificateExt function in SignKorea SKCommAX ActiveX control module 7.2.0.2 and 3280 6.6.0.1 allows remote attackers to execute arbitrary code via a long pszUserID argument.

Affected Platforms (CPE)

πŸ“¦
Signkorea

Skcommax Activex Control

= 6.6.0.1_3280
πŸ“¦
Signkorea

Skcommax Activex Control

= 7.2.0.2

References & Advisories

πŸ”— http://marc.info/?l=full-disclosure&m=117497124018827&w=2
πŸ”— http://secunia.com/advisories/24587
πŸ”— http://www.securityfocus.com/bid/23149
πŸ”— http://www.vupen.com/english/advisories/2007/1114
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/33245
πŸ”— http://marc.info/?l=full-disclosure&m=117497124018827&w=2
πŸ”— http://secunia.com/advisories/24587
πŸ”— http://www.securityfocus.com/bid/23149

Related Vulnerabilities

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...