Lucene search

[email protected]CVE-2007-3479

HistoryJun 28, 2007 - 6:30 p.m.

CVE-2007-3479

2007-06-2818:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3479

buffer overflow

pcsoft windev 11

arbitrary code execution

wdp project file

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.079 Low

EPSS

Percentile

94.3%

JSON

Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to execute arbitrary code via a long string in the “used DLL” field in a WDP project file.

Affected configurations

NVD

Node

pc_softwindevMatch11

CPENameOperatorVersion
pc_soft:windevpc soft windeveq11

CPE	Name	Operator	Version
pc_soft:windev	pc soft windev	eq	11

References

osvdb.org/38910

www.securityfocus.com/archive/1/472438/100/0/threaded

www.securityfocus.com/bid/24693

www.securinfos.info/english/security-advisories-alerts/20070628_PCSoft.WinDEV.wdp.Project.File.Handling.Buffer.Overflow.php

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.079 Low

EPSS

Percentile

94.3%

JSON

Related for CVE-2007-3479

cvelist1 nvd1 prion1