Description
Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain.
Exploits
44522007-09-24remoteWindows
Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
By Joey Mengele
165572010-05-09remoteWindows
Ask.com Toolbar - 'askBar.dll' ActiveX Control Buffer Overflow (Metasploit)
By Metasploit
References
cve@mitre.org
http://secunia.com/advisories/26960cve@mitre.org
http://www.foxitsoftware.com/pdf/reader/security.htmcve@mitre.org
http://www.securityfocus.com/bid/25785cve@mitre.org
http://www.vupen.com/english/advisories/2007/3265cve@mitre.org
https://www.exploit-db.com/exploits/4452af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26960af854a3a-2127-422b-91ae-364da2661108
http://www.foxitsoftware.com/pdf/reader/security.htmaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/480459/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/25785af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/3265af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/36757af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/4452