Vulnerabilities > CVE-2007-3695 - Unspecified vulnerability in Broadcom Erwin Process Modeler 7.1

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

broadcom

critical

NVD

Published: 2007-07-11

Updated: 2021-04-09

Summary

Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhaps the issue does not cross privilege boundaries and should not be included in CVE.

Vulnerable Configurations

Part	Description	Count
Application	Broadcom Broadcom Erwin Process Modeler 7.1	1

References

http://osvdb.org/39597
http://www.eleytt.com/advisories/eleytt_ALLFUSIONLICRCMD.pdf
http://www.securityfocus.com/bid/24817