CVE-2007-1083

Verisign Managed PKI Service - Buffer Overflow

Title source: llm
STIX 2.1

Description

Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.

References (16)

Core 16
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/33479
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24249
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32639
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/308087
Third Party Advisory x_refsource_misc
http://jvn.jp/cert/JVNVU%23308087/index.html
Various Sources mailing-list x_refsource_vim
http://attrition.org/pipermail/vim/2007-February/001385.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017693
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22676
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22671
Various Sources mailing-list x_refsource_vim
http://attrition.org/pipermail/vim/2007-February/001384.html
Various Sources x_refsource_misc
http://www.jpcert.or.jp/at/2007/at070006.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017692
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017694
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0702
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479

Scores

EPSS 0.0823
EPSS Percentile 94.3%

Details

CWE
CWE-119
Status published
Products (5)
verisign/mpki 4.6.1
verisign/mpki 5.0
verisign/mpki 6.0
verisign/mpki 7.0
verisign/mpki < 6.1.3
Published Feb 23, 2007
Tracked Since Feb 18, 2026