CVE-2007-0018

Published: 24/01/2007 Updated: 16/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 945
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote malicious users to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Maker and Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.

Vulnerable Product

altdo mp3 record and edit audio master 1.2

americanshareware mp3 wav converter 3.1.8

code-it softare wave mp3 editor 10.1

dandans digital media products easy audio editor 7.4

dandans digital media products full audio converter 4.2

iaudiosoft.com absolute sound recorder 3.4.5

iaudiosoft.com absolute video to audio converter 2.7.9

j hepple products fx movie joiner and splitter 6.2.8

j hepple products fx movie splitter 6.4.7

mcfunsoft audio editor 6.3.3_build_489

mcfunsoft audio recorder for free 6.1

movavi convertmovie 4.4

cdburnerxp cdburnerxp pro 3.0.116

cheetahburner cheetah cd burner 3.56

digital borneo audio mixer and editor 1.1.0

easy ringtone maker easy ringtone maker 2.0.5

j hepple products fx audio editor 4.7.11

j hepple products fx audio tools 7.3.4

joshua mediasoft audio convertor plus 2.2

joshua mediasoft video converter plus 3.01

mcfunsoft ipod music converter 5.1

mcfunsoft recording to ipod solution 5.1

movavi videomessage 1.0

mp3-soft mp3 normalizer 1.03

nctsoft products nctaudiostudio 2.7.1

nctsoft products nctdialogicvoice 2.7.1

nextlevel systems audio editor gold 9.2.5_build_424

roemer software easy hi-q converter 1.7

roemer software easy hi-q recorder 2.0

softdiv softare snosh 1.4

softdiv softare videozilla 2.5

xrlly software text to speech maker 1.3.8

xwaver.com magic audio editor pro 10.3.1_build_476

xwaver.com magic music studio pro 7.0.2.1_build_500

audio edit magic audio edit magic 9.2.3_389

altdo convert mp3 master 1.1

cheetahburner cheetah dvd burner 1.79

code-it softare abasic editor 10.1

expstudio audio editor 4.0.2

iaudiosoft.com absolute mp3 splitter 2.5.4

j hepple products fx magic music 5.7.7

j hepple products fx movie joiner 6.2.8

movavi dvd to ipod 1.0

mystik media products blaze mediaconvert 3.4

mystik media products contextconvert pro 3.1

quikscribe quikscribe recorder 5.021.29

recordnrip recordnrip 1.0

smart media systems power audio editor 11.0.1

softdiv softare dexster 3.0

virtual cd virtual cd 8.0.0.6

virtual cd virtual cd file server 7.1.0.3

magicvideosoftare magic audio converter 8.2.6_build_719

magicvideosoftare magic audio recorder 5.3.7

magicvideosoftare magic music editor 5.2.2

mediatox aurora media workshop 3.3.25

movavi chiliburner 2.3

mystik media products audioedit deluxe 4.10

mystik media products blaze media pro 7.0

nextlevel systems audio studio gold 7.0.1.1_build_500

quikscribe quikscribe player 5.022.05

roemer software free hi-q recorder 1.9

sienzo digital music mentor 2.6.0.3

virtual cd virtual cd 6.0.0.7

virtual cd virtual cd 7.1.0.2

bearshare bearshare 6.0.2.26789

dandans digital media products music editing master 5.2

dandans digital media products visual video converter 4.4

imesh.com imesh 7.0.2.26789

j hepple products fx audio concat 1.2.0_beta

j hepple products fx new sound 5.1.1

j hepple products fx video converter 7.51.21

mcfunsoft audio studio 6.6.3_build_479

mcfunsoft ipod audio studio 6.2.4

movavi splitmovie 1.4

movavi suite 3.5

nctsoft products nctaudioeditor 2.7.1

nctsoft products nctaudiofile2

rmbsoft audioconvert 3.1.0.125

rmbsoft soundedit pro 2.1

softdiv softare ivideomax 3.9

softdiv softare mp3 to wav converter 3.0

xrlly software arial audio converter 2.3.40

xrlly software arial sound recorder 1.4.3

Exploits

<html> <object classid='clsid:77829F14-D911-40FF-A2F0-D11DB8D6D0BC' id='NCTAudioFile2'></object> <input language=VBScript onclick=tryMe() type=button value="Click here to start the test"> <script language = 'vbscript'> Sub tryMe '------------------------------------------------------------------ '[P ...
## # $Id: nctaudiofile2_setformatlikesamplerb 9668 2010-07-03 01:38:15Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require ...
/* ------------------------------------------------------------------------------------------------- [PoC] 79 Exes's / IE NCTAudioFile2AudioFile ActiveX Remote Stack Overfl0w Auther: InTeL Original Advisory: secuniacom/secunia_research/ Attack Vector: EIP smash Type: Remote (Malicious webpage) Mail; intel@stolein Tested on Win2k SP4 (En ...

References

CWE-119
http://secunia.com/secunia_research/2007-2/advisory/
http://secunia.com/secunia_research/2007-3/advisory/
http://secunia.com/secunia_research/2007-4/advisory/
http://secunia.com/secunia_research/2007-5/advisory/
http://secunia.com/secunia_research/2007-6/advisory/
http://secunia.com/secunia_research/2007-7/advisory/
http://secunia.com/secunia_research/2007-8/advisory/
http://secunia.com/secunia_research/2007-9/advisory/
http://secunia.com/secunia_research/2007-10/advisory/
http://secunia.com/secunia_research/2007-11/advisory/
http://secunia.com/secunia_research/2007-12/advisory/
http://secunia.com/secunia_research/2007-13/advisory/
http://secunia.com/secunia_research/2007-14/advisory/
http://secunia.com/secunia_research/2007-15/advisory/
http://secunia.com/secunia_research/2007-16/advisory/
http://secunia.com/secunia_research/2007-17/advisory/
http://secunia.com/secunia_research/2007-18/advisory/
http://secunia.com/secunia_research/2007-19/advisory/
http://secunia.com/secunia_research/2007-20/advisory/
http://secunia.com/secunia_research/2007-21/advisory/
http://secunia.com/secunia_research/2007-22/advisory/
http://secunia.com/secunia_research/2007-23/advisory/
http://secunia.com/secunia_research/2007-24/advisory/
http://secunia.com/secunia_research/2007-25/advisory/
http://secunia.com/secunia_research/2007-26/advisory/
http://secunia.com/secunia_research/2007-27/advisory/
http://secunia.com/secunia_research/2007-28/advisory/
http://secunia.com/secunia_research/2007-29/advisory/
http://secunia.com/secunia_research/2007-30/advisory/
http://secunia.com/secunia_research/2007-31/advisory/
http://secunia.com/secunia_research/2007-32/advisory/
http://secunia.com/secunia_research/2007-33/advisory/
http://secunia.com/secunia_research/2007-34/advisory/
http://secunia.com/advisories/23475
http://secunia.com/advisories/23493
http://secunia.com/advisories/23532
http://secunia.com/advisories/23543
http://secunia.com/advisories/23551
http://secunia.com/advisories/23552
http://secunia.com/advisories/23553
http://secunia.com/advisories/23557
http://secunia.com/advisories/23568
http://secunia.com/blog/6/
http://www.kb.cert.org/vuls/id/292713
http://secunia.com/advisories/23485
http://secunia.com/advisories/23495
http://secunia.com/advisories/23511
http://secunia.com/advisories/23516
http://secunia.com/advisories/23530
http://secunia.com/advisories/23534
http://secunia.com/advisories/23535
http://secunia.com/advisories/23536
http://secunia.com/advisories/23541
http://secunia.com/advisories/23542
http://secunia.com/advisories/23544
http://secunia.com/advisories/23546
http://secunia.com/advisories/23548
http://secunia.com/advisories/23550
http://secunia.com/advisories/23554
http://secunia.com/advisories/23558
http://secunia.com/advisories/23560
http://secunia.com/advisories/23561
http://secunia.com/advisories/23562
http://secunia.com/advisories/23565
http://secunia.com/advisories/23745
http://secunia.com/advisories/23753
http://secunia.com/advisories/23795
http://secunia.com/secunia_research/2007-50/advisory/
http://www.securityfocus.com/bid/22196
http://www.securityfocus.com/bid/23892
http://secunia.com/advisories/22922
http://secunia.com/advisories/25993
http://secunia.com/advisories/26046
http://secunia.com/advisories/26100
http://secunia.com/advisories/26101
http://secunia.com/advisories/28407
http://secunia.com/advisories/30424
http://secunia.com/advisories/30446
http://secunia.com/advisories/30459
http://secunia.com/advisories/30450
http://secunia.com/advisories/30439
http://secunia.com/advisories/30406
http://secunia.com/advisories/30447
http://www.vupen.com/english/advisories/2007/0310
https://exchange.xforce.ibmcloud.com/vulnerabilities/31707
http://www.securityfocus.com/archive/1/457965/100/200/threaded
http://www.securityfocus.com/archive/1/457940/100/200/threaded
http://www.securityfocus.com/archive/1/457936/100/200/threaded
https://nvd.nist.gov
https://www.exploit-db.com/exploits/3808/
https://www.kb.cert.org/vuls/id/292713