Lucene search

[email protected]CVE-2007-2209

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2209

2007-04-2420:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2209

buffer overflow

igcore15d.dll

accusoft imagegear

corel paint shop pro photo

remote attackers

arbitrary code

.clp file

8.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.193 Low

EPSS

Percentile

96.2%

JSON

Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources.

CPENameOperatorVersion
accusoft:imagegearaccusoft imagegeareq*
corel:paint_shop_procorel paint shop proeq11.20

CPE	Name	Operator	Version
accusoft:imagegear	accusoft imagegear	eq	*
corel:paint_shop_pro	corel paint shop pro	eq	11.20

References

osvdb.org/35308

osvdb.org/35386

secunia.com/advisories/25016

secunia.com/advisories/25050

www.securityfocus.com/bid/23604

www.securitytracker.com/id?1017963

www.vupen.com/english/advisories/2007/1506

exchange.xforce.ibmcloud.com/vulnerabilities/33821

www.exploit-db.com/exploits/3779

8.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.193 Low

EPSS

Percentile

96.2%

JSON

Related for CVE-2007-2209

prion1