Published: 21/03/2007 Updated: 16/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote malicious users to execute arbitrary code via a long ApplicationType property.

Vulnerable Product	Search on Vulmon	Subscribe to Product
interactual technologies interactual player 2.60.12.0717
intervideo windvd 7.0.27.172
roxio cineplayer 3.2

## # $Id: windvd7_applicationtyperb 9262 2010-05-09 17:45:00Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

CWE-119 http://secunia.com/secunia_research/2007-37/advisory/http://secunia.com/advisories/23032 http://secunia.com/advisories/23075 http://www.kb.cert.org/vuls/id/922969 http://secunia.com/advisories/24556 http://www.securityfocus.com/bid/23071 http://osvdb.org/34315 http://osvdb.org/34314 http://www.vupen.com/english/advisories/2007/1042 http://www.vupen.com/english/advisories/2007/1043 https://exchange.xforce.ibmcloud.com/vulnerabilities/33186 http://www.securityfocus.com/archive/1/463405/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16529/https://www.kb.cert.org/vuls/id/922969

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0348

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect