CVE-2007-0348

Опубликовано: 21 мар. 2007

Источник: nvd

CVSS2: 9.3

EPSS Высокий

Описание

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.

Ссылки

http://osvdb.org/34314
http://osvdb.org/34315
http://secunia.com/advisories/23032
Vendor Advisory
http://secunia.com/advisories/23075
Vendor Advisory
http://secunia.com/advisories/24556
Vendor Advisory
http://secunia.com/secunia_research/2007-37/advisory/
Vendor Advisory
http://www.kb.cert.org/vuls/id/922969
US Government Resource
http://www.securityfocus.com/archive/1/463405/100/0/threaded
http://www.securityfocus.com/bid/23071
http://www.vupen.com/english/advisories/2007/1042
Vendor Advisory
http://www.vupen.com/english/advisories/2007/1043
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33186
http://osvdb.org/34314
http://osvdb.org/34315
http://secunia.com/advisories/23032
Vendor Advisory
http://secunia.com/advisories/23075
Vendor Advisory
http://secunia.com/advisories/24556
Vendor Advisory
http://secunia.com/secunia_research/2007-37/advisory/
Vendor Advisory
http://www.kb.cert.org/vuls/id/922969
US Government Resource
http://www.securityfocus.com/archive/1/463405/100/0/threaded

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:interactual_technologies:interactual_player:2.60.12.0717:*:*:*:*:*:*:*

cpe:2.3:a:intervideo:windvd:7.0.27.172:*:*:*:*:*:*:*

cpe:2.3:a:roxio:cineplayer:3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.72302

Высокий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-2gmq-3r6v-g7jx

github

больше 3 лет назад