Lucene search

[email protected]CVE-2007-0320

HistoryFeb 23, 2007 - 3:28 a.m.

CVE-2007-0320

2007-02-2303:28:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2007

0320

buffer overflows

activex

netscape plug-in

iftw.dll

npiftw32.dll

macrovision

installfromtheweb

remote code execution

html documents

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.113 Low

EPSS

Percentile

95.1%

JSON

Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.

CPENameOperatorVersion
macrovision:installfromthewebmacrovision installfromthewebeq*

CPE	Name	Operator	Version
macrovision:installfromtheweb	macrovision installfromtheweb	eq	*

References

osvdb.org/33530

osvdb.org/33531

secunia.com/advisories/24285

www.kb.cert.org/vuls/id/181041

www.kb.cert.org/vuls/id/MAPG-6UQUDP

www.securityfocus.com/bid/22672

www.vupen.com/english/advisories/2007/0705

exchange.xforce.ibmcloud.com/vulnerabilities/32645

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.113 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2007-0320

nessus1 cert1 prion1 securityvulns1