CVE-2007-2856
NONE
Published May 24, 200719y ago · Modified Jun 16, 20262w ago
Published May 24, 2007 19y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 2
References 8
- osvdb.org http://osvdb.org/38111
- retrogod.altervista.org http://retrogod.altervista.org/ie_DartZip_bof.html
- securityfocus.com http://www.securityfocus.com/archive/1/469503/100/0/threaded
- securityfocus.com http://www.securityfocus.com/archive/1/469592/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/24142
- securityfocus.com http://www.securityfocus.com/bid/24163
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/34494
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/34520
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.