CVE-2007-5603 Information
Description
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51 and 2.5.x before 2.5.0.56 allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
Reference
http://secunia.com/advisories/27469 http://securityreason.com/securityalert/3342 http://www.kb.cert.org/vuls/id/298521 http://www.kb.cert.org/vuls/id/WDON-78K56M http://www.sec-consult.com/303.html http://www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt http://www.securityfocus.com/archive/1/483097/100/0/threaded http://www.securityfocus.com/bid/26288 http://www.securitytracker.com/id?1018891 http://www.vupen.com/english/advisories/2007/3696 https://exchange.xforce.ibmcloud.com/vulnerabilities/38220 https://www.exploit-db.com/exploits/4594
Share on: