Vulnerabilities > CVE-2007-0164 - Unspecified vulnerability in Camouflage 1.2.1

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

low complexity

camouflage

NVD

Published: 2007-01-10

Updated: 2018-10-16

Summary

Camouflage 1.2.1 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing certain bytes of the JPEG image with alternate password information.

Vulnerable Configurations

Part	Description	Count
Application	Camouflage Camouflage Camouflage 1.2.1	1

References

http://homepage.mac.com/adonismac/Advisory/steg/camouflage.html
http://osvdb.org/32651
http://secunia.com/advisories/23578
http://www.securityfocus.com/archive/1/456541/100/0/threaded
http://www.securityfocus.com/bid/21939
https://exchange.xforce.ibmcloud.com/vulnerabilities/31375