CVE-2007-2820

KSign KSignSWAT ActiveX Control 2.0.3.3 - Buffer Overflow

Title source: llm

Description

Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SWAT_InitEx, (3) SWAT_InitEx2, (4) SWAT_InitEx3, and (5) SWAT_Login functions.

Exploits (1)

exploitdb WORKING POC VERIFIED

by KIM Kee-hong · htmlremotewindows

https://www.exploit-db.com/exploits/3968

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24088

[Third Party Advisory, VDB Entry] http://osvdb.org/36517

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34417

[Patch] http://marc.info/?l=full-disclosure&m=117981953312669&w=2

[Patch, Vendor Advisory] http://secunia.com/advisories/25357

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/1901

Scores

EPSS 0.1822

EPSS Percentile 95.2%

Details

Status published

Products (1)

ksign/ksignswat 2.0.3.3

Published May 22, 2007

Tracked Since Feb 18, 2026