CVE-2007-2827
published 2007-05-22CVE-2007-2827: Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute…
PriorityP346critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
6.42%
92.8th percentile
Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lead_technologies | leadtools_isis_activex_control | <= 14.5.0.44 | — |
| lead_technologies | leadtools_raster_image_sdk | — | — |
| lead_technologies | leadtools_raster_isis_object | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p6c8-6rxx-gxvw: Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E
ghsa_unreviewed·2022-05-01
CVE-2007-2827 [HIGH] CWE-119 GHSA-p6c8-6rxx-gxvw: Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E
Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property.
GHSA
GHSA-355h-9qx6-6qfx: Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-2980 [CRITICAL] CWE-119 GHSA-355h-9qx6-6qfx: Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e
Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long DriverName property, a different ActiveX control than CVE-2007-2827.
No detection rules found.
No writeups or analysis indexed.
http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.htmlhttp://osvdb.org/36032http://secunia.com/advisories/25349http://www.securityfocus.com/bid/24093http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.htmlhttp://www.vupen.com/english/advisories/2007/1900https://exchange.xforce.ibmcloud.com/vulnerabilities/34437http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.htmlhttp://osvdb.org/36032http://secunia.com/advisories/25349http://www.securityfocus.com/bid/24093http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.htmlhttp://www.vupen.com/english/advisories/2007/1900https://exchange.xforce.ibmcloud.com/vulnerabilities/34437
2007-05-22
Published