ByteOS Network

NVD Vulnerability Details :

CVE-2007-6252

Modified

Source-cret@cert.org

Published At-03 Mar, 2008 | 18:44

Updated At-08 Aug, 2017 | 01:29

Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 6.8

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

learn2>>strunner>>*

cpe:2.3:a:learn2:strunner:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

Evaluator Description

Additional information can be obtained from: http://www.securityfocus.com/bid/28058/info Instructions on disabling Active X in internet explorer is located here: http://support.microsoft.com/kb/240797

References

Hyperlink	Source	Resource
http://secunia.com/advisories/29195	cret@cert.org	N/A
http://www.kb.cert.org/vuls/id/524857	cret@cert.org	US Government Resource
http://www.securityfocus.com/bid/28058	cret@cert.org	N/A
http://www.vupen.com/english/advisories/2008/0733	cret@cert.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/40973	cret@cert.org	N/A