CVE-2007-4903

Ultra Shareware Ultra Crypto Component - Memory Corruption

Title source: rule

Description

Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4389

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36524

[Third Party Advisory, VDB Entry] http://osvdb.org/38979

[Exploit] http://www.securityfocus.com/bid/25609

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018674

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4389

Scores

EPSS 0.0732

EPSS Percentile 91.7%

Details

CWE

CWE-119

Status published

Products (1)

ultra_shareware/ultra_crypto_component 2.0.2007.801

Published Sep 17, 2007

Tracked Since Feb 18, 2026