What is CVE-2007-5603?

CVE-2007-5603 is a vulnerability in N/a. Published 2007-11-05.

Is CVE-2007-5603 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-5603

Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the Add…

EPSS: 0.703 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.kb.cert.org/vuls/id/WDON-78K56M (x_refsource_MISC)
VU#298521 (x_refsource_CERT-VN, third-party-advisory)
ADV-2007-3696 (vdb-entry, x_refsource_VUPEN)
www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt (x_refsource_MISC)
4594 (exploit, x_refsource_EXPLOIT-DB)
3342 (x_refsource_SREASON, third-party-advisory)
26288 (vdb-entry, x_refsource_BID)
1018891 (vdb-entry, x_refsource_SECTRACK)
27469 (x_refsource_SECUNIA, third-party-advisory)
20071101 SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALLSSL-VPN Client (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2007-5603?: CVE-2007-5603 is a vulnerability in N/a. Published 2007-11-05.
Is CVE-2007-5603 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.