Description
Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
References (16)
Core 16
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/33479
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24249
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32639
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/308087
Third Party Advisory x_refsource_misc
http://jvn.jp/cert/JVNVU%23308087/index.html
Vendor Advisory x_refsource_confirm
https://download.verisign.co.jp/support/announce/20070216.html
Various Sources mailing-list
x_refsource_vim
http://attrition.org/pipermail/vim/2007-February/001385.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1017693
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22676
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22671
Various Sources mailing-list
x_refsource_vim
http://attrition.org/pipermail/vim/2007-February/001384.html
Various Sources x_refsource_misc
http://www.jpcert.or.jp/at/2007/at070006.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1017692
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1017694
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0702
Third Party Advisory third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479
Scores
EPSS
0.0823
EPSS Percentile
94.3%
Details
CWE
CWE-119
Status
published
Products (5)
verisign/mpki
4.6.1
verisign/mpki
5.0
verisign/mpki
6.0
verisign/mpki
7.0
verisign/mpki
< 6.1.3
Published
Feb 23, 2007
Tracked Since
Feb 18, 2026