Vulnerabilities > CVE-2007-3493

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

nctsoft-products

exploit available

NVD

Published: 2007-06-29

Updated: 2024-11-21

Summary

A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows XP *	1
Application	Microsoft Microsoft Internet Explorer 7.0	1
Application	Nctsoft_Products Nctsoft Products Nctaudiostudio 2.7 Nctsoft Products Nctwavchunkseditor2.Dll 2.6.1.148	2

Exploit-Db

description	NCTAudioStudio2 ActiveX DLL 2.6.1.148 CreateFile() Insecure Method. CVE-2007-3493. Remote exploit for windows platform
file	exploits/windows/remote/4109.html
id	EDB-ID:4109
last seen	2016-01-31
modified	2007-06-26
platform	windows
port
published	2007-06-26
reporter	shinnai
source	https://www.exploit-db.com/download/4109/
title	NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile Insecure Method
type	remote

Vulnerabilities > CVE-2007-3493 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2007-3493"}]}

Summary

Vulnerable Configurations

Exploit-Db

References

Vulnerabilities > CVE-2007-3493