CVE-2007-5603

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Ssl Vpn
Vendor: CVE Published:; 5 November 2007

Summary

Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.

References

http://www.kb.cert.org/vuls/id/WDON-78K56M

x_refsource_MISC

http://www.kb.cert.org/vuls/id/298521

third-party-advisoryx_refsource_CERT-VN

http://www.vupen.com/english/advisories/2007/3696

vdb-entryx_refsource_VUPEN

EPSS Score

90% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 5, 2007
Vulnerability Reserved
Oct 21, 2007

Collectors

NVD DatabaseMitre Database