Lucene search

MitreCVE-2007-0111

HistoryJan 09, 2007 - 12:28 a.m.

CVE-2007-0111

2007-01-0900:28:00

mitre

web.nvd.nist.gov

cve-2007-0111

buffer overflow

resco photo viewer

pocketpc

remote code execution

png image

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.197

Percentile

96.3%

JSON

Buffer overflow in Resco Photo Viewer for PocketPC 4.11 and 6.01, as used in mobile devices running Windows Mobile 5.0, 2003, and 2003SE, allows remote attackers to execute arbitrary code via a crafted PNG image.

Affected configurations

Nvd

Node

rescophoto_viewerMatch4.11

rescophoto_viewerMatch6.11

VendorProductVersionCPE
rescophoto_viewer4.11cpe:2.3:a:resco:photo_viewer:4.11:*:*:*:*:*:*:*
rescophoto_viewer6.11cpe:2.3:a:resco:photo_viewer:6.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
resco	photo_viewer	4.11	cpe:2.3:a:resco:photo_viewer:4.11:::::::*
resco	photo_viewer	6.11	cpe:2.3:a:resco:photo_viewer:6.11:::::::*

References

blog.trendmicro.com/flaw-in-3rd-party-app-weakens-windows-mobile/

osvdb.org/32644

secunia.com/advisories/23658

www.securityfocus.com/bid/21920

www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+Resco+Photo+Viewer+6.01+Enabling+Code+Injection+and+Arbitrary+Code+Execution

www.vupen.com/english/advisories/2007/0072

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.197

Percentile

96.3%

JSON

Related for CVE-2007-0111