Vulnerabilities > CVE-2007-3829 - Remote Buffer Overflow vulnerability in InterActual Player IAMCE and IAKey
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple stack-based buffer overflows in (a) InterActual Player 2.60.12.0717 and (b) Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a (1) long FailURL attribute in the IAMCE ActiveX Control (IAMCE.dll) or a (2) long URLCode attribute in the IAKey ActiveX Control (IAKey.dll). NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
References
- http://osvdb.org/37717
- http://osvdb.org/37718
- http://secunia.com/advisories/25718
- http://secunia.com/advisories/25739
- http://www.kb.cert.org/vuls/id/470913
- http://www.kb.cert.org/vuls/id/916897
- http://www.securityfocus.com/bid/24919
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35422
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35423