CVE-2007-4916 - Secunia Advisories - Vulnerability Intelligence - Secunia.com

Vulnerability Intelligence

Vulnerability Scanning

Community - new!

Blog - new entry!

Corporate Information

Secunia Advisories

Secunia Research

Binary Analysis

Home > Vulnerability Intelligence > Secunia Advisories > CVE-2007-4916

Secunia Advisories

Advisories by Product

Advisories by Vendor

Historic Advisories

Mailing Lists & RSS

Report Vulnerability

Business Solutions Restricted

Restricted

Partner Solutions Restricted

Restricted

CVE Reference: CVE-2007-4916
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4916

Description: Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36609 http://xforce.iss.net/xforce/xfdb/36608 ST 1018698 SREASON http://securityreason.com/securityalert/3143 SAID Secunia Advisory: SA26800 MISC http://goodfellas.shellcode.com.ar/own/VULWAR200706041 http://goodfellas.shellcode.com.ar/own/VULWKU200706142 CERT-VN 611008 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/479443/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/479442/100/0/threaded BID 25697 25673

Return to the previous page.

Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008