Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-4034

EPSS 31.22% · P97
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4034

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Yahoo! Widgets引擎YDPCTL.DLL控件栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Yahoo! Widget是由雅虎推出的免费开源桌面应用程序平台,由Widget引擎和Widget工具两部分组成,可极大的便利网络操作和完善桌面应用。 Yahoo! Widget的YDPCTL.YDPControl.1ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 YDPCTL.YDPControl.1(YDPCTL.dll)ActiveX控件在处理GetComponentVersion()方式时存在栈溢出漏洞。如果用户受骗访问了恶意站点并向该方式传送了超过512字节的
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-4034

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-4034

登录查看更多情报信息。

Same Patch Batch · n/a · 2007-07-27 · 20 CVEs total

CVE-2007-4037Guidance Software EnCase 远程畸形文件缓冲区溢出漏洞
CVE-2007-4047geoBlog 多个安全绕过漏洞
CVE-2007-4046Pony Gallery (com_ponygallery) index.php SQL注入漏洞
CVE-2007-4045CUPS SSL Negotiation 安全漏洞
CVE-2007-4043Secure Computing SecurityReporter file.cgi 远程遍历漏洞
CVE-2007-4042Netscape Navigator安全漏洞
CVE-2007-4041Mozilla Firefox操作系统操作系统命令注入漏洞
CVE-2007-4040Outlook Express 远程自变量注入漏洞
CVE-2007-4039Mozilla 自变量注入漏洞
CVE-2007-4038Microsoft IE FirefoxURL协议处理器命令注入漏洞
CVE-2007-1354JMX Console in JBoss Application Server 远程口令登陆漏洞
CVE-2007-4036Guidance Software EnCase 远程应用程序拒绝服务漏洞
CVE-2007-4035Guidance Software EnCase 远程畸形表格漏洞
CVE-2007-4033T1lib intT1_Env_GetCompletePath函数远程缓冲区溢出漏洞
CVE-2007-4032CrystalPlayer播放列表文件堆溢出漏洞
CVE-2007-4031Nessus Vulnerability Scanner 控件目录遍历漏洞
CVE-2007-3532Gentoo Linux NVIDIA Drivers 本地拒绝服务漏洞
CVE-2007-3105Linux kernel 缓冲区错误漏洞
CVE-2007-2874Fedora NetworkManager package wpa_printf函数远程缓冲区溢出漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-4034

No comments yet

Leave a comment