CVE-2007-6253 - OpenCVE

Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to execute arbitrary code via unknown vectors in the (1) Adobe File Dialog Button (FileDlg.dll) and the (2) Adobe Copy to Server Object (SvrCopy.dll) ActiveX controls.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Adobe	Form Client Form Designer

Configuration 1 [-]

OR	cpe:2.3:a:adobe:form_client:5.0:::::::*
	cpe:2.3:a:adobe:form_designer:5.0:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/29330
http://www.adobe.com/support/security/bulletins/apsb08-09.html
http://www.kb.cert.org/vuls/id/362849
http://www.securityfocus.com/bid/28210
http://www.securitytracker.com/id?1019601
http://www.vupen.com/english/advisories/2008/0863/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41142

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2008-03-12T00:00:00

Updated: 2024-08-07T16:02:35.586Z

Reserved: 2007-12-05T00:00:00

Link: CVE-2007-6253

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-03-12T00:44:00.000

Modified: 2017-08-08T01:29:02.883

Link: CVE-2007-6253

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-11T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to execute arbitrary code via unknown vectors in the (1) Adobe File Dialog Button (FileDlg.dll) and the (2) Adobe Copy to Server Object (SvrCopy.dll) ActiveX controls."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb08-09.html"}, {"name": "28210", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28210"}, {"name": "29330", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29330"}, {"name": "1019601", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019601"}, {"name": "VU#362849", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/362849"}, {"name": "adobe-multiple-activex-bo(41142)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41142"}, {"name": "ADV-2008-0863", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0863/references"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2007-6253", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to execute arbitrary code via unknown vectors in the (1) Adobe File Dialog Button (FileDlg.dll) and the (2) Adobe Copy to Server Object (SvrCopy.dll) ActiveX controls."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.adobe.com/support/security/bulletins/apsb08-09.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb08-09.html"}, {"name": "28210", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28210"}, {"name": "29330", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29330"}, {"name": "1019601", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019601"}, {"name": "VU#362849", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/362849"}, {"name": "adobe-multiple-activex-bo(41142)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41142"}, {"name": "ADV-2008-0863", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0863/references"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:02:35.586Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb08-09.html"}, {"name": "28210", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28210"}, {"name": "29330", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29330"}, {"name": "1019601", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019601"}, {"name": "VU#362849", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/362849"}, {"name": "adobe-multiple-activex-bo(41142)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41142"}, {"name": "ADV-2008-0863", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0863/references"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2007-6253", "datePublished": "2008-03-12T00:00:00", "dateReserved": "2007-12-05T00:00:00", "dateUpdated": "2024-08-07T16:02:35.586Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:form_client:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A6E54F6-AF15-4A2E-8C46-A6E043B158D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:form_designer:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBA789DC-3CDA-4613-8202-3501097D0B19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to execute arbitrary code via unknown vectors in the (1) Adobe File Dialog Button (FileDlg.dll) and the (2) Adobe Copy to Server Object (SvrCopy.dll) ActiveX controls."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en Adobe Form Designer versi\u00f3n 5.0 y Form Client versi\u00f3n 5.0, permiten a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos en los controles ActiveX de (1) Adobe File Dialog Button (biblioteca FileDlg.dll) y (2) Adobe Copy to Server Object (biblioteca SvrCopy.dll)."}], "id": "CVE-2007-6253", "lastModified": "2017-08-08T01:29:02.883", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-03-12T00:44:00.000", "references": [{"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29330"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "http://www.adobe.com/support/security/bulletins/apsb08-09.html"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/362849"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/28210"}, {"source": "cret@cert.org", "url": "http://www.securitytracker.com/id?1019601"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0863/references"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41142"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}