CVE-2007-2918

Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote attackers to cause a denial of service (browser crash) and execute arbitrary code via unspecified vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.kb.cert.org/vuls/id/330289	US Government Resource
http://www.securityfocus.com/bid/24254
http://secunia.com/advisories/25514
http://osvdb.org/36822
http://osvdb.org/36823
http://osvdb.org/36824
http://osvdb.org/36821
http://osvdb.org/36820
http://www.vupen.com/english/advisories/2007/2018
https://exchange.xforce.ibmcloud.com/vulnerabilities/34658

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:logitech:videocall:*:*:*:*:*:*:*:*

Information

Published : 2007-05-31 18:30

Updated : 2017-07-28 18:31

NVD link : CVE-2007-2918

Mitre link : CVE-2007-2918

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

logitech

videocall

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/330289", "name": "VU#330289", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.securityfocus.com/bid/24254", "name": "24254", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/25514", "name": "25514", "tags": [], "refsource": "SECUNIA"}, {"url": "http://osvdb.org/36822", "name": "36822", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/36823", "name": "36823", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/36824", "name": "36824", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/36821", "name": "36821", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/36820", "name": "36820", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/2018", "name": "ADV-2007-2018", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34658", "name": "logitech-multiple-activex-bo(34658)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote attackers to cause a denial of service (browser crash) and execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-2918", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2007-06-01T01:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:logitech:videocall:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:31Z"}