CVE-2007-2177

Stack-based buffer overflow in the Microgaming Download Helper ActiveX control (dlhelper.dll) before 7.2.0.19, and the WebHandler Class control, allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://osvdb.org/34329
http://secunia.com/advisories/25017
http://www.kb.cert.org/vuls/id/184473	US Government Resource
http://www.securityfocus.com/bid/23595	Patch
http://www.vupen.com/english/advisories/2007/1507
http://osvdb.org/34329
http://secunia.com/advisories/25017
http://www.kb.cert.org/vuls/id/184473	US Government Resource
http://www.securityfocus.com/bid/23595	Patch
http://www.vupen.com/english/advisories/2007/1507

Configurations

Configuration 1 (hide)

cpe:2.3:a:microgaming:download_helper_activex_control:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-04-24 16:19

Updated : 2025-04-09 00:30

NVD link : CVE-2007-2177

Mitre link : CVE-2007-2177

CVE.ORG link : CVE-2007-2177

JSON object : View

Products Affected

microgaming

download_helper_activex_control

CWE

NVD-CWE-Other

{"id": "CVE-2007-2177", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-04-24T16:19:00.000", "references": [{"url": "http://osvdb.org/34329", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25017", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/184473", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23595", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1507", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/34329", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25017", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/184473", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/23595", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/1507", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the Microgaming Download Helper ActiveX control (dlhelper.dll) before 7.2.0.19, and the WebHandler Class control, allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX Microgaming Download Helper (dlhelper.dll) anterior a 7.2.0.19, y el control WebHandler Class, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microgaming:download_helper_activex_control:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38A03FBE-66CA-498B-B23C-1B97C1A890FA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}