What is CVE-2007-6377?

CVE-2007-6377 is a vulnerability in N/a. Published 2007-12-15.

Is CVE-2007-6377 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-6377

Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.

EPSS: 0.828 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

aluigi.altervista.org/poc/badbluebof.txt (x_refsource_MISC)
3448 (x_refsource_SREASON, third-party-advisory)
28031 (x_refsource_SECUNIA, third-party-advisory)
42416 (x_refsource_OSVDB, vdb-entry)
4784 (exploit, x_refsource_EXPLOIT-DB)
26803 (vdb-entry, x_refsource_BID)
20071210 Multiple vulnerabilities in BadBlue 2.72b (mailing-list, x_refsource_BUGTRAQ)
aluigi.altervista.org/adv/badblue-adv.txt (x_refsource_MISC)
ADV-2007-4160 (vdb-entry, x_refsource_VUPEN)

Frequently asked questions

What is CVE-2007-6377?: CVE-2007-6377 is a vulnerability in N/a. Published 2007-12-15.
Is CVE-2007-6377 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.