Lucene search

[email protected]CVE-2007-2487

HistoryMay 03, 2007 - 5:19 p.m.

CVE-2007-2487

2007-05-0317:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2487

stack-based buffer overflow

atomixmp3

remote code execution

mp3 file

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.224 Low

EPSS

Percentile

96.5%

JSON

Stack-based buffer overflow in AtomixMP3 allows remote attackers to execute arbitrary code via a long filename in an MP3 file, a different vector than CVE-2006-6287.

Affected configurations

NVD

Node

atomix_productionsatomixmp3

CPENameOperatorVersion
atomix_productions:atomixmp3atomix productions atomixmp3eq*

CPE	Name	Operator	Version
atomix_productions:atomixmp3	atomix productions atomixmp3	eq	*

References

osvdb.org/35532

secunia.com/advisories/25126

securityreason.com/securityalert/2675

www.mexhackteam.org/prethoonker/descargas/Atomixb0f.zip

www.securityfocus.com/archive/1/467374/100/0/threaded

www.securityfocus.com/bid/23756

exchange.xforce.ibmcloud.com/vulnerabilities/34022

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.224 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-2487

cvelist3 prion2 nvd3 cve2 securityvulns1