CVE-2007-2585

Severity

93%

Complexity

86%

Confidentiality

165%

Successful exploitation allows execution of arbitrary code when a user visits a malicious website.

Stack-based buffer overflow in the Verify function in the BarCodeWiz ActiveX control 2.0 and 2.52 (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument.

Successful exploitation allows execution of arbitrary code when a user visits a malicious website.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Barcodewiz ActiveX Control

First reported 17 years ago

2007-05-10 00:19:00

Last updated 7 years ago

2017-07-29 01:31:00

Affected Software

Barcodewiz ActiveX Control 2.0

2.0

Barcodewiz ActiveX Control 2.52

2.52

References

http://moaxb.blogspot.com/2007/05/moaxb-09-barcodewiz-activex-control-20.html

35869

25209

Vendor Advisory

23891

http://www.shinnai.altervista.org/moaxb/20070509/barcodewiz.txt

ADV-2007-1728

barcodewiz-barcodewiz-bo(34180)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.