CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-2744

HIGH
7.5
CVSS Severity Score
EPSS Score0.0180%
EPSS Percentile18.57th
Published2007年5月17日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll allows remote attackers to cause a denial of service (Internet Explorer 6 crash), and possibly execute arbitrary code, via a long argument to the SaveBarCode method. NOTE: this issue might overlap CVE-2007-2657.

Affected Platforms (CPE)

📦
Precisionid Barcode

Precisionid Barcode

= 1.9

References & Advisories

🔗 http://moaxb.blogspot.com/2007/05/moaxb-16-ie-6-precisionid-barcode.html
🔗 http://osvdb.org/36024
🔗 http://secunia.com/advisories/25253
🔗 http://www.securityfocus.com/bid/24010
🔗 http://www.shinnai.altervista.org/viewtopic.php?id=42&t_id=18
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/34339
🔗 http://moaxb.blogspot.com/2007/05/moaxb-16-ie-6-precisionid-barcode.html
🔗 http://osvdb.org/36024

相關漏洞威脅

CVE-2007-275510.0

The PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll, when Internet Explorer 6 is used, allows remote attackers ...

CVE-2007-26577.8

Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX control in PrecisionID_DataMatrix.DLL allows remote attackers to ...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.