Vulnerability Details : CVE-2007-2919
Public exploit exists!
Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer before 4.1 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMode, (5) SubID, (6) BookID, (7) LibraryID, (8) SubURL, and (9) LoadOpf properties.
Vulnerability category: Execute code, Denial of service
Products affected by CVE-2007-2919
- cpe:2.3:a:e-book_systems:flipviewer:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-2919
- 92.11%: Probability of exploitation activity in the next 30 days
- ~ 99%: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-2919
- FlipViewer FViewerLoading ActiveX Control Buffer Overflow
  - Disclosure Date: 2007-06-06
  - First seen: 2020-04-26
  - Module: exploit/windows/browser/ebook_flipviewer_fviewerloading
  - This module exploits a stack buffer overflow in E-BOOK Systems FlipViewer 4.0. The vulnerability is caused due to a boundary error in the FViewerLoading (FlipViewerX.dll) ActiveX control when handling the "LoadOpf()" method.
  - Authors: LSO <lso@hushmail.com>
CVSS scores for CVE-2007-2919
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
References for CVE-2007-2919
- http://www.kb.cert.org/vuls/id/449089 (US Government Resource)
- http://www.securityfocus.com/bid/24328 (E-Book Systems FlipViewer FlipViewerX.DLL ActiveX Multiple Buffer Overflow Vulnerabilities; Patch)
- http://www.vupen.com/english/advisories/2007/2081
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34742