Vulnerabilities > CVE-2007-1074 - Remote Buffer Overflow vulnerability in NewsBin Pro NBI File
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long group field in a (b) NZB file. Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into e.g. loading a malicious NBI configuration file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | News Bin Pro 5.33 (.NBI File) Local Buffer Overflow Exploit. CVE-2007-1074. Local exploit for windows platform |
| file | exploits/windows/local/3349.c |
| id | EDB-ID:3349 |
| last seen | 2016-01-31 |
| modified | 2007-02-21 |
| platform | windows |
| port | |
| published | 2007-02-21 |
| reporter | Marsu |
| source | https://www.exploit-db.com/download/3349/ |
| title | News Bin Pro 5.33 - .NBI Local Buffer Overflow Exploit |
| type | local |
References
- http://osvdb.org/33377
- http://osvdb.org/33378
- http://secunia.com/advisories/24261
- http://www.securityfocus.com/bid/22652
- http://www.vupen.com/english/advisories/2007/0694
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32598
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32608
- https://www.exploit-db.com/exploits/3349