Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6510

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-6510
Last Modified 05 Sep 2008 05:33:25
Published 21 Dec 2007 02:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6510

Summary

Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and (3) QuadraComposer rippers; and (4) have an unknown impact via a crafted file to the SkytPacker ripper.

Vulnerable Systems

Application

  • Prowizard 4 Pc 1.0

  • Prowizard 4 Pc 1.40

  • Prowizard 4 Pc 1.44.005

  • Prowizard 4 Pc 1.45.c3

  • Prowizard 4 Pc 1.46

  • Prowizard 4 Pc 1.47

  • Prowizard 4 Pc 1.48

  • Prowizard 4 Pc 1.49.0

  • Prowizard 4 Pc 1.49.1

  • Prowizard 4 Pc 1.49.2

  • Prowizard 4 Pc 1.49.3

  • Prowizard 4 Pc 1.49.4

  • Prowizard 4 Pc 1.50

  • Prowizard 4 Pc 1.50b1

  • Prowizard 4 Pc 1.50b2

  • Prowizard 4 Pc 1.50b3

  • Prowizard 4 Pc 1.51

  • Prowizard 4 Pc 1.52

  • Prowizard 4 Pc 1.60

  • Prowizard 4 Pc 1.61

  • Prowizard 4 Pc 1.62


References

BID - 26953

SECUNIA - 28173

MISC - http://aluigi.org/poc/prowizbof.zip

MISC - http://aluigi.altervista.org/adv/prowizbof-adv.txt

XF - prowizard-data-files-bo(39152)


Last Updated: 27 May 2016 10:46:31