CVE-2007-2856 Information

Description

Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3 when Internet Explorer 6 is used allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function a related issue to CVE-2007-2855.

Reference

http://osvdb.org/38111 http://retrogod.altervista.org/ie_DartZip_bof.html http://www.securityfocus.com/archive/1/469503/100/0/threaded http://www.securityfocus.com/archive/1/469592/100/0/threaded http://www.securityfocus.com/bid/24142 http://www.securityfocus.com/bid/24163 https://exchange.xforce.ibmcloud.com/vulnerabilities/34494 https://exchange.xforce.ibmcloud.com/vulnerabilities/34520