CVE-2007-2601

Опубликовано: 11 мая 2007

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Buffer overflow in a certain ActiveX control in the GDivX Zenith Player AviFixer class in fix.dll 1.0.0.1 allows remote attackers to execute arbitrary code via a long SetInputFile property value.

Ссылки

http://moaxb.blogspot.com/2007/05/moaxb-11-bonus-gdivx-zenith-player.html.
http://osvdb.org/36021
http://www.securityfocus.com/bid/23907
https://exchange.xforce.ibmcloud.com/vulnerabilities/34246
https://www.exploit-db.com/exploits/3889
http://moaxb.blogspot.com/2007/05/moaxb-11-bonus-gdivx-zenith-player.html.
http://osvdb.org/36021
http://www.securityfocus.com/bid/23907
https://exchange.xforce.ibmcloud.com/vulnerabilities/34246
https://www.exploit-db.com/exploits/3889

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:divx_city:gdivx_zenith_player:1.1:*:*:*:*:*:*:*

cpe:2.3:a:divx_city:gdivx_zenith_player:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.16545

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-7j3r-7mf4-66hf

github

почти 4 года назад