CVE-2007-0323 - Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX

CVE-2007-0323

Summary

Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

References

http://osvdb.org/35873
http://secunia.com/advisories/25218
http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html
http://www.kb.cert.org/vuls/id/869641
http://www.securityfocus.com/archive/1/468871/100/200/threaded
http://www.securityfocus.com/bid/23331
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
http://www.vupen.com/english/advisories/2007/1716
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027
https://exchange.xforce.ibmcloud.com/vulnerabilities/34182

Vulnerable Configurations

cpe:2.3:a:rim:teamon_import_object_activex_control:*:*:*:*:*:*:*:*
cpe:2.3:a:rim:teamon_import_object_activex_control:*:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 16-10-2018 - 16:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	23331
cert	TA07-128A
cert-vn	VU#869641
confirm	http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html
hp	HPSBST02214 SSRT071422
osvdb	35873
secunia	25218
vupen	ADV-2007-1716
xf	rim-toimport-activex-bo(34182)

Last major update

16-10-2018 - 16:32

Published

08-05-2007 - 23:19

Last modified

16-10-2018 - 16:32