Vulnerability Details : CVE-2007-0443
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.
Vulnerability category: Execute code
Products affected by CVE-2007-0443
- cpe:2.3:a:gracenote:cddbcontrol_activex_control:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0443
13.49%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0443
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-0443
-
http://www.gracenote.com/corporate/FAQs.html/faqset=update/page=0
-
http://www.securityfocus.com/bid/23567
Patch
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/33773
-
http://www.securityfocus.com/archive/1/466403/100/0/threaded
-
http://www.vupen.com/english/advisories/2007/1475
-
http://www.securitytracker.com/id?1017937
-
http://www.zerodayinitiative.com/advisories/ZDI-07-021.html
Patch;Vendor Advisory
Jump to