Lucene search

[email protected]NVD:CVE-2007-3493

HistoryJun 29, 2007 - 6:30 p.m.

CVE-2007-3493

2007-06-2918:30:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.227 Low

EPSS

Percentile

96.5%

JSON

A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400.

Affected configurations

NVD

Node

microsoftwindows_xpsp2

AND

microsoftinternet_explorerMatch7.0

nctsoft_productsnctaudiostudioMatch2.7

nctsoft_productsnctwavchunkseditor2.dllMatch2.6.1.148

References

osvdb.org/37673

secunia.com/advisories/25851

www.securityfocus.com/bid/24656

www.shinnai.altervista.org/exploits/ntcwavchunkstxt.html

www.shinnai.altervista.org/index.php?mod=02_Forum&group=Exploits&argument=Remote&topic=1182845325.ff.php&page=last

www.vupen.com/english/advisories/2007/2351

exchange.xforce.ibmcloud.com/vulnerabilities/35081

www.exploit-db.com/exploits/4109

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.227 Low

EPSS

Percentile

96.5%

JSON

Related for NVD:CVE-2007-3493

cvelist2 prion2 cve2 nvd1