CVE-2007-0323

Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.kb.cert.org/vuls/id/869641	Patch US Government Resource
http://www.securityfocus.com/bid/23331
http://secunia.com/advisories/25218
http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html
http://www.us-cert.gov/cas/techalerts/TA07-128A.html	US Government Resource
http://osvdb.org/35873
http://www.vupen.com/english/advisories/2007/1716
https://exchange.xforce.ibmcloud.com/vulnerabilities/34182
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027
http://www.securityfocus.com/archive/1/468871/100/200/threaded

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:rim:teamon_import_object_activex_control:*:*:*:*:*:*:*:*

Information

Published : 2007-05-08 16:19

Updated : 2018-10-16 09:32

NVD link : CVE-2007-0323

Mitre link : CVE-2007-0323

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

rim

teamon_import_object_activex_control

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/869641", "name": "VU#869641", "tags": ["Patch", "US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.securityfocus.com/bid/23331", "name": "23331", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/25218", "name": "25218", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html", "name": "http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html", "name": "TA07-128A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://osvdb.org/35873", "name": "35873", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/1716", "name": "ADV-2007-1716", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34182", "name": "rim-toimport-activex-bo(34182)", "tags": [], "refsource": "XF"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027", "name": "MS07-027", "tags": [], "refsource": "MS"}, {"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded", "name": "HPSBST02214", "tags": [], "refsource": "HP"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-0323", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-05-08T23:19Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:rim:teamon_import_object_activex_control:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-16T16:32Z"}