正文

Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow (2)

admin
admin V管理员 /0 评论 /11 阅读
0413
此篇文章发布距今已超过1136天,您需要注意文章的内容或图片是否可用!

CVE编号

CVE-2007-0018

利用情况

暂无

补丁情况

N/A

披露时间

2007-01-25
漏洞描述
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
http://secunia.com/advisories/22922
http://secunia.com/advisories/23475
http://secunia.com/advisories/23485
http://secunia.com/advisories/23493
http://secunia.com/advisories/23495
http://secunia.com/advisories/23511
http://secunia.com/advisories/23516
http://secunia.com/advisories/23530
http://secunia.com/advisories/23532
http://secunia.com/advisories/23534
http://secunia.com/advisories/23535
http://secunia.com/advisories/23536
http://secunia.com/advisories/23541
http://secunia.com/advisories/23542
http://secunia.com/advisories/23543
http://secunia.com/advisories/23544
http://secunia.com/advisories/23546
http://secunia.com/advisories/23548
http://secunia.com/advisories/23550
http://secunia.com/advisories/23551
http://secunia.com/advisories/23552
http://secunia.com/advisories/23553
http://secunia.com/advisories/23554
http://secunia.com/advisories/23557
http://secunia.com/advisories/23558
http://secunia.com/advisories/23560
http://secunia.com/advisories/23561
http://secunia.com/advisories/23562
http://secunia.com/advisories/23565
http://secunia.com/advisories/23568
http://secunia.com/advisories/23745
http://secunia.com/advisories/23753
http://secunia.com/advisories/23795
http://secunia.com/advisories/25993
http://secunia.com/advisories/26046
http://secunia.com/advisories/26100
http://secunia.com/advisories/26101
http://secunia.com/advisories/28407
http://secunia.com/advisories/30406
http://secunia.com/advisories/30424
http://secunia.com/advisories/30439
http://secunia.com/advisories/30446
http://secunia.com/advisories/30447
http://secunia.com/advisories/30450
http://secunia.com/advisories/30459
http://secunia.com/blog/6/
http://secunia.com/secunia_research/2007-10/advisory/
http://secunia.com/secunia_research/2007-11/advisory/
http://secunia.com/secunia_research/2007-12/advisory/
http://secunia.com/secunia_research/2007-13/advisory/
http://secunia.com/secunia_research/2007-14/advisory/
http://secunia.com/secunia_research/2007-15/advisory/
http://secunia.com/secunia_research/2007-16/advisory/
http://secunia.com/secunia_research/2007-17/advisory/
http://secunia.com/secunia_research/2007-18/advisory/
http://secunia.com/secunia_research/2007-19/advisory/
http://secunia.com/secunia_research/2007-2/advisory/
http://secunia.com/secunia_research/2007-20/advisory/
http://secunia.com/secunia_research/2007-21/advisory/
http://secunia.com/secunia_research/2007-22/advisory/
http://secunia.com/secunia_research/2007-23/advisory/
http://secunia.com/secunia_research/2007-24/advisory/
http://secunia.com/secunia_research/2007-25/advisory/
http://secunia.com/secunia_research/2007-26/advisory/
http://secunia.com/secunia_research/2007-27/advisory/
http://secunia.com/secunia_research/2007-28/advisory/
http://secunia.com/secunia_research/2007-29/advisory/
http://secunia.com/secunia_research/2007-3/advisory/
http://secunia.com/secunia_research/2007-30/advisory/
http://secunia.com/secunia_research/2007-31/advisory/
http://secunia.com/secunia_research/2007-32/advisory/
http://secunia.com/secunia_research/2007-33/advisory/
http://secunia.com/secunia_research/2007-34/advisory/
http://secunia.com/secunia_research/2007-4/advisory/
http://secunia.com/secunia_research/2007-5/advisory/
http://secunia.com/secunia_research/2007-50/advisory/
http://secunia.com/secunia_research/2007-6/advisory/
http://secunia.com/secunia_research/2007-7/advisory/
http://secunia.com/secunia_research/2007-8/advisory/
http://secunia.com/secunia_research/2007-9/advisory/
http://www.kb.cert.org/vuls/id/292713
http://www.securityfocus.com/archive/1/457936/100/200/threaded
http://www.securityfocus.com/archive/1/457940/100/200/threaded
http://www.securityfocus.com/archive/1/457965/100/200/threaded
http://www.securityfocus.com/bid/22196
http://www.securityfocus.com/bid/23892
http://www.vupen.com/english/advisories/2007/0310
https://exchange.xforce.ibmcloud.com/vulnerabilities/31707
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
应用 altdo convert_mp3_master 1.1 -
运行在以下环境
应用 altdo mp3_record_and_edit_audio_master 1.2 -
运行在以下环境
应用 americanshareware mp3_wav_converter 3.1.8 -
运行在以下环境
应用 audio_edit_magic audio_edit_magic 9.2.3_389 -
运行在以下环境
应用 bearshare bearshare 6.0.2.26789 -
运行在以下环境
应用 cdburnerxp cdburnerxp_pro 3.0.116 -
运行在以下环境
应用 cheetahburner cheetah_cd_burner 3.56 -
运行在以下环境
应用 cheetahburner cheetah_dvd_burner 1.79 -
运行在以下环境
应用 code-it_softare abasic_editor 10.1 -
运行在以下环境
应用 code-it_softare wave_mp3_editor 10.1 -
运行在以下环境
应用 dandans_digital_media_products easy_audio_editor 7.4 -
运行在以下环境
应用 dandans_digital_media_products full_audio_converter 4.2 -
运行在以下环境
应用 dandans_digital_media_products music_editing_master 5.2 -
运行在以下环境
应用 dandans_digital_media_products visual_video_converter 4.4 -
运行在以下环境
应用 digital_borneo audio_mixer_and_editor 1.1.0 -
运行在以下环境
应用 easy_ringtone_maker easy_ringtone_maker 2.0.5 -
运行在以下环境
应用 expstudio audio_editor 4.0.2 -
运行在以下环境
应用 iaudiosoft.com absolute_mp3_splitter 2.5.4 -
运行在以下环境
应用 iaudiosoft.com absolute_sound_recorder 3.4.5 -
运行在以下环境
应用 iaudiosoft.com absolute_video_to_audio_converter 2.7.9 -
运行在以下环境
应用 imesh.com imesh 7.0.2.26789 -
运行在以下环境
应用 joshua_mediasoft audio_convertor_plus 2.2 -
运行在以下环境
应用 joshua_mediasoft video_converter_plus 3.01 -
运行在以下环境
应用 j_hepple_products fx_audio_concat 1.2.0_beta -
运行在以下环境
应用 j_hepple_products fx_audio_editor 4.7.11 -
运行在以下环境
应用 j_hepple_products fx_audio_tools 7.3.4 -
运行在以下环境
应用 j_hepple_products fx_magic_music 5.7.7 -
运行在以下环境
应用 j_hepple_products fx_movie_joiner 6.2.8 -
运行在以下环境
应用 j_hepple_products fx_movie_joiner_and_splitter 6.2.8 -
运行在以下环境
应用 j_hepple_products fx_movie_splitter 6.4.7 -
运行在以下环境
应用 j_hepple_products fx_new_sound 5.1.1 -
运行在以下环境
应用 j_hepple_products fx_video_converter 7.51.21 -
运行在以下环境
应用 magicvideosoftare magic_audio_converter 8.2.6_build_719 -
运行在以下环境
应用 magicvideosoftare magic_audio_recorder 5.3.7 -
运行在以下环境
应用 magicvideosoftare magic_music_editor 5.2.2 -
运行在以下环境
应用 mcfunsoft audio_editor 6.3.3_build_489 -
运行在以下环境
应用 mcfunsoft audio_recorder_for_free 6.1 -
运行在以下环境
应用 mcfunsoft audio_studio 6.6.3_build_479 -
运行在以下环境
应用 mcfunsoft ipod_audio_studio 6.2.4 -
运行在以下环境
应用 mcfunsoft ipod_music_converter 5.1 -
运行在以下环境
应用 mcfunsoft recording_to_ipod_solution 5.1 -
运行在以下环境
应用 mediatox aurora_media_workshop 3.3.25 -
运行在以下环境
应用 movavi chiliburner 2.3 -
运行在以下环境
应用 movavi convertmovie 4.4 -
运行在以下环境
应用 movavi dvd_to_ipod 1.0 -
运行在以下环境
应用 movavi splitmovie 1.4 -
运行在以下环境
应用 movavi suite 3.5 -
运行在以下环境
应用 movavi videomessage 1.0 -
运行在以下环境
应用 mp3-soft mp3_normalizer 1.03 -
运行在以下环境
应用 mystik_media_products audioedit_deluxe 4.10 -
运行在以下环境
应用 mystik_media_products blaze_mediaconvert 3.4 -
运行在以下环境
应用 mystik_media_products blaze_media_pro 7.0 -
运行在以下环境
应用 mystik_media_products contextconvert_pro 3.1 -
运行在以下环境
应用 nctsoft_products nctaudioeditor 2.7.1 -
运行在以下环境
应用 nctsoft_products nctaudiofile2 * -
运行在以下环境
应用 nctsoft_products nctaudiostudio 2.7.1 -
运行在以下环境
应用 nctsoft_products nctdialogicvoice 2.7.1 -
运行在以下环境
应用 nextlevel_systems audio_editor_gold 9.2.5_build_424 -
运行在以下环境
应用 nextlevel_systems audio_studio_gold 7.0.1.1_build_500 -
运行在以下环境
应用 quikscribe quikscribe_player 5.022.05 -
运行在以下环境
应用 quikscribe quikscribe_recorder 5.021.29 -
运行在以下环境
应用 recordnrip recordnrip 1.0 -
运行在以下环境
应用 rmbsoft audioconvert 3.1.0.125 -
运行在以下环境
应用 rmbsoft soundedit_pro 2.1 -
运行在以下环境
应用 roemer_software easy_hi-q_converter 1.7 -
运行在以下环境
应用 roemer_software easy_hi-q_recorder 2.0 -
运行在以下环境
应用 roemer_software free_hi-q_recorder 1.9 -
运行在以下环境
应用 sienzo digital_music_mentor 2.6.0.3 -
运行在以下环境
应用 smart_media_systems power_audio_editor 11.0.1 -
运行在以下环境
应用 softdiv_softare dexster 3.0 -
运行在以下环境
应用 softdiv_softare ivideomax 3.9 -
运行在以下环境
应用 softdiv_softare mp3_to_wav_converter 3.0 -
运行在以下环境
应用 softdiv_softare snosh 1.4 -
运行在以下环境
应用 softdiv_softare videozilla 2.5 -
运行在以下环境
应用 virtual_cd virtual_cd 6.0.0.7 -
运行在以下环境
应用 virtual_cd virtual_cd 7.1.0.2 -
运行在以下环境
应用 virtual_cd virtual_cd 8.0.0.6 -
运行在以下环境
应用 virtual_cd virtual_cd_file_server 7.1.0.3 -
运行在以下环境
应用 xrlly_software arial_audio_converter 2.3.40 -
运行在以下环境
应用 xrlly_software arial_sound_recorder 1.4.3 -
运行在以下环境
应用 xrlly_software text_to_speech_maker 1.3.8 -
运行在以下环境
应用 xwaver.com magic_audio_editor_pro 10.3.1_build_476 -
运行在以下环境
应用 xwaver.com magic_music_studio_pro 7.0.2.1_build_500 -
CVSS3评分 9.3
  • 攻击路径 网络
  • 攻击复杂度 N/A
  • 权限要求 无
  • 影响范围 N/A
  • 用户交互 需要
  • 可用性 完全地
  • 保密性 完全地
  • 完整性 完全地
AV:N/AC:M/Au:N/C:C/I:C/A:C CWE-ID 漏洞类型 CWE-119 内存缓冲区边界内操作的限制不恰当