Описание
A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
Одно из
cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
cpe:2.3:a:nctsoft_products:nctaudiostudio:2.7:*:*:*:*:*:*:*
cpe:2.3:a:nctsoft_products:nctwavchunkseditor2.dll:2.6.1.148:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.40038
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400.
EPSS
Процентиль: 97%
0.40038
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other