- Description
- Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:verisign:mpki:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4C59422-2D27-46E2-B224-03D839518671",
"versionEndIncluding": "6.1.3"
},
{
"criteria": "cpe:2.3:a:verisign:mpki:4.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B9334BE-2B55-4AEE-B5A3-7FAA3767057F"
},
{
"criteria": "cpe:2.3:a:verisign:mpki:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5AE7972-3BBC-4247-8524-B90D8980269A"
},
{
"criteria": "cpe:2.3:a:verisign:mpki:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CD4AA8E-D8A0-48F2-AE50-AB38E6C96699"
},
{
"criteria": "cpe:2.3:a:verisign:mpki:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42581C0F-9F47-4BF3-A95E-EC03871889DF"
}
],
"operator": "OR"
}
]
}
]