CVE Reference: CVE-2007-0018
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia nor the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2007-0018

Description:
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Maker and Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/31707

SAID
  Secunia Advisory: SA30424
  Secunia Advisory: SA30406
  Secunia Advisory: SA28407
  Secunia Advisory: SA26101
  Secunia Advisory: SA26100
  Secunia Advisory: SA26046
  Secunia Advisory: SA25993
  Secunia Advisory: SA22922
  Secunia Advisory: SA23795
  Secunia Advisory: SA23753
  Secunia Advisory: SA23745
  Secunia Advisory: SA23565
  Secunia Advisory: SA23562
  Secunia Advisory: SA23561
  Secunia Advisory: SA23560
  Secunia Advisory: SA23558
  Secunia Advisory: SA23554
  Secunia Advisory: SA23550
  Secunia Advisory: SA23548
  Secunia Advisory: SA23546
  Secunia Advisory: SA23544
  Secunia Advisory: SA23542
  Secunia Advisory: SA23541
  Secunia Advisory: SA23536
  Secunia Advisory: SA23535
  Secunia Advisory: SA23534
  Secunia Advisory: SA23530
  Secunia Advisory: SA23516
  Secunia Advisory: SA23511
  Secunia Advisory: SA23495
  Secunia Advisory: SA23485
  Secunia Advisory: SA23568
  Secunia Advisory: SA23557
  Secunia Advisory: SA23553
  Secunia Advisory: SA23551
  Secunia Advisory: SA23552
  Secunia Advisory: SA23543
  Secunia Advisory: SA23532
  Secunia Advisory: SA23475
  Secunia Advisory: SA23493
  Secunia Advisory: SA30439
  Secunia Advisory: SA30446
  Secunia Advisory: SA30447
  Secunia Advisory: SA30450
  Secunia Advisory: SA30459

MISC
  http://secunia.com/secunia_research/2007-50/advisory/
  http://secunia.com/blog/6/
  http://secunia.com/secunia_research/2007-34/advisory/
  http://secunia.com/secunia_research/2007-33/advisory/
  http://secunia.com/secunia_research/2007-32/advisory/
  http://secunia.com/secunia_research/2007-31/advisory/
  http://secunia.com/secunia_research/2007-30/advisory/
  http://secunia.com/secunia_research/2007-29/advisory/
  http://secunia.com/secunia_research/2007-28/advisory/
  http://secunia.com/secunia_research/2007-27/advisory/
  http://secunia.com/secunia_research/2007-26/advisory/
  http://secunia.com/secunia_research/2007-25/advisory/
  http://secunia.com/secunia_research/2007-19/advisory/
  http://secunia.com/secunia_research/2007-20/advisory/
  http://secunia.com/secunia_research/2007-21/advisory/
  http://secunia.com/secunia_research/2007-22/advisory/
  http://secunia.com/secunia_research/2007-23/advisory/
  http://secunia.com/secunia_research/2007-24/advisory/
  http://secunia.com/secunia_research/2007-18/advisory/
  http://secunia.com/secunia_research/2007-16/advisory/
  http://secunia.com/secunia_research/2007-17/advisory/
  http://secunia.com/secunia_research/2007-14/advisory/
  http://secunia.com/secunia_research/2007-15/advisory/
  http://secunia.com/secunia_research/2007-13/advisory/
  http://secunia.com/secunia_research/2007-12/advisory/
  http://secunia.com/secunia_research/2007-11/advisory/
  http://secunia.com/secunia_research/2007-10/advisory/
  http://secunia.com/secunia_research/2007-9/advisory/
  http://secunia.com/secunia_research/2007-8/advisory/
  http://secunia.com/secunia_research/2007-7/advisory/
  http://secunia.com/secunia_research/2007-6/advisory/
  http://secunia.com/secunia_research/2007-5/advisory/
  http://secunia.com/secunia_research/2007-2/advisory/
  http://secunia.com/secunia_research/2007-3/advisory/
  http://secunia.com/secunia_research/2007-4/advisory/

CERT-VN
  292713

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/457936/100/200/threaded
  http://www.securityfocus.com/archive/1/archive/1/457940/100/200/threaded
  http://www.securityfocus.com/archive/1/archive/1/457965/100/200/threaded

BID
  22196
  23892

