CVE-2007-5108
published 2007-09-26CVE-2007-5108: Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors. NOTE: this information is based upon a vague…
PriorityP334critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
2.50%
82.7th percentile
Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. NOTE: this might be the same issue as CVE-2007-5107.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ask.com | ask_toolbar | <= 4.0.2.53 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v682-76g4-2gwm: Stack-based buffer overflow in the AskJeevesToolBar
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2007-5107 [CRITICAL] CWE-119 GHSA-v682-76g4-2gwm: Stack-based buffer overflow in the AskJeevesToolBar
Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain.
GHSA
GHSA-gv44-wp79-c9g9: Unspecified vulnerability in IAC Search & Media ask
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-5108 [CRITICAL] GHSA-gv44-wp79-c9g9: Unspecified vulnerability in IAC Search & Media ask
Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. NOTE: this might be the same issue as CVE-2007-5107.
No detection rules found.
No writeups or analysis indexed.
2007-09-26
Published