Lucene search

[email protected]CVE-2007-0707

HistoryFeb 04, 2007 - 12:28 a.m.

CVE-2007-0707

2007-02-0400:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0707

gom player

buffer overflow

remote code execution

asx file

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.065 Low

EPSS

Percentile

93.8%

JSON

Stack-based buffer overflow in GOM Player 2.0.12.3375 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the “ref href” tag. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

gom_playergom_playerMatch2.0.12.3375

CPENameOperatorVersion
gom_player:gom_playergom playereq2.0.12.3375

CPE	Name	Operator	Version
gom_player:gom_player	gom player	eq	2.0.12.3375

References

osvdb.org/33080

secunia.com/advisories/23994

www.gomplayer.com/forum/viewtopic.html?t=221

exchange.xforce.ibmcloud.com/vulnerabilities/32164

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.065 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2007-0707

cvelist2 nvd2 prion2 securityvulns1 cve1