CVE-2017-7908

Summary

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.

Affected Software

VendorProductVersion RangeStatus
GEGE CommunicatorCommunicator 3.15 and prior.affected

Weaknesses

  • CWE-122: HEAP-BASED BUFFER OVERFLOW CWE-122

ADP Enrichment

CVE Program Container

Additional References

References