CVE-2007-5814 in SSL VPNinfo

Summary

Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5) userName, (6) domainName, or (7) dnsSuffix Unicode property value. NOTE: the AddRouteEntry vector is covered by CVE-2007-5603.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

11/05/2007

Disclosure

11/05/2007

Moderation

VulDB entry created

Entries

1: VDB-39562

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

10.0

EPSS

0.07088

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-5814
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-5814
CVE Details	https://www.cvedetails.com/cve/CVE-2007-5814/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!