Lucene search

[email protected]CVE-2007-4735

HistorySep 06, 2007 - 7:17 p.m.

CVE-2007-4735

2007-09-0619:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4735

buffer overflow

vdj 5.0

arbitrary code execution

file path

m3u file

remote attack

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.215 Low

EPSS

Percentile

96.5%

JSON

Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.

Affected configurations

NVD

Node

next_generation_softwarevirtual_dj_\(vdj\)Match5.0

CPENameOperatorVersion
next_generation_software:virtual_dj_\(vdj\)next generation software virtual dj (vdj)eq5.0

CPE	Name	Operator	Version
next_generation_software:virtual_dj_\(vdj\)	next generation software virtual dj (vdj)	eq	5.0

References

osvdb.org/40307

secunia.com/advisories/26665

www.securityfocus.com/bid/25512

www.securityfocus.com/bid/25513

www.vupen.com/english/advisories/2007/3036

exchange.xforce.ibmcloud.com/vulnerabilities/36430

www.exploit-db.com/exploits/4354

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.215 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-4735

nvd1 prion1 cvelist1