Electronic Arts SnoopyCtrl ActiveX Control Multiple Buffer Overflow Vulnerabilities
BID:25970
Info
Electronic Arts SnoopyCtrl ActiveX Control Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 25970 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4466 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 08 2007 12:00AM |
| Updated: | Oct 10 2007 12:28AM |
| Credit: | Will Dormann is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Electronic Arts Inc. SnoopyCtrl ActiveX 0 |
| Not Vulnerable: | |
Discussion
Electronic Arts SnoopyCtrl ActiveX Control Multiple Buffer Overflow Vulnerabilities
Electronic Arts SnoopyCtrl ActiveX control is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
Electronic Arts SnoopyCtrl ActiveX control is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
Exploit / POC
Electronic Arts SnoopyCtrl ActiveX Control Multiple Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Electronic Arts SnoopyCtrl ActiveX Control Multiple Buffer Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Electronic Arts SnoopyCtrl ActiveX Control Multiple Buffer Overflow Vulnerabilities
References:
References:
- Electronic Arts Homepage (Electronic Arts)
- Microsoft Knowledge Base Article 240797 (Microsoft)
- Vulnerability Note VU#179281 Electronic Arts SnoopyCtrl ActiveX control and plug (US-CERT)