Lucene search

[email protected]CVE-2007-4470

HistorySep 10, 2007 - 5:17 p.m.

CVE-2007-4470

2007-09-1017:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4470

earth resource mapping

ncsview

activex control

buffer overflow

remote code execution

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.103 Low

EPSS

Percentile

95.0%

JSON

Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

er_mapperimage_web_server_ecw_jpeg_2000_plug-inRange≤8

CPENameOperatorVersion
er_mapper:image_web_server_ecw_jpeg_2000_plug-iner mapper image web server ecw jpeg 2000 plug-inle8

CPE	Name	Operator	Version
er_mapper:image_web_server_ecw_jpeg_2000_plug-in	er mapper image web server ecw jpeg 2000 plug-in	le	8

References

osvdb.org/37780

secunia.com/advisories/26729

www.kb.cert.org/vuls/id/589188

www.securityfocus.com/bid/25584

www.vupen.com/english/advisories/2007/3093

exchange.xforce.ibmcloud.com/vulnerabilities/36497

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.103 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2007-4470

nessus1 prion1 cvelist1 cert1 nvd1