Published: 26/06/2007 Updated: 11/10/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote malicious users to overwrite arbitrary files via the CreateFile method.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nctsoft nctaudioeditor _nil_
nctsoft nctaudiostudio 2.7

<pre> <code><span style="font: 10pt Courier New;"><span class="general1-symbol">------------------------------------------------------------------------------------------ <b>NCTAudioEditor2 ActiveX DLL (NCTWMAFile2dll v 262157) "CreateFile()"Insecure Method</b> url: wwwnctsoftcom/products/NCTAudio ...

CWE-20 http://www.securityfocus.com/bid/24613 http://secunia.com/advisories/25825 http://osvdb.org/37674 http://www.vupen.com/english/advisories/2007/2351 https://exchange.xforce.ibmcloud.com/vulnerabilities/35018 https://www.exploit-db.com/exploits/4101 https://nvd.nist.gov https://www.exploit-db.com/exploits/4101/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3400

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect