CVE-2007-3536

{"id": "CVE-2007-3536", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-07-03T20:30:00.000", "references": [{"url": "http://osvdb.org/37672", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25891", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24703", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2387", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35155", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/4123", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/37672", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25891", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24703", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2387", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35155", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/4123", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 allow remote attackers to execute arbitrary code via long (1) Host, (2) Password, or (3) LogFile property values."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en el control ActiveX AMX NetLinx VNC (AmxVnc) en AmxVnc.dll 1.0.13.0 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante valores largos en las propiedades (1) Host (anfitri\u00f3n), (2) Password (contrase\u00f1a), o (3) LogFile (archivo de registro)."}], "lastModified": "2024-11-21T00:33:28.773", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:amx:netlinx_vnc_activex_control:1.0.13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "869918D2-6CBE-445A-BFFC-E9DECA4C0FE1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}