What is CVE-2007-0348?

CVE-2007-0348 is a vulnerability in N/a. Published 2007-03-21.

Is CVE-2007-0348 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-0348

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via…

EPSS: 0.727 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

23075 (x_refsource_SECUNIA, third-party-advisory)
interactual-iasysteminfo-bo(33186) (vdb-entry, x_refsource_XF)
34314 (x_refsource_OSVDB, vdb-entry)
23032 (x_refsource_SECUNIA, third-party-advisory)
VU#922969 (x_refsource_CERT-VN, third-party-advisory)
secunia.com/secunia_research/2007-37/advisory/ (x_refsource_MISC)
34315 (x_refsource_OSVDB, vdb-entry)
ADV-2007-1042 (vdb-entry, x_refsource_VUPEN)
23071 (vdb-entry, x_refsource_BID)
ADV-2007-1043 (vdb-entry, x_refsource_VUPEN)

Frequently asked questions

What is CVE-2007-0348?: CVE-2007-0348 is a vulnerability in N/a. Published 2007-03-21.
Is CVE-2007-0348 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.