Vulnerabilities > CVE-2007-4963 - Unspecified vulnerability in Winimage 8.0/8.10
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a careful user into overwriting arbitrary files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://osvdb.org/45948
- http://osvdb.org/45948
- http://securityreason.com/securityalert/3140
- http://securityreason.com/securityalert/3140
- http://www.securityfocus.com/archive/1/479695/100/0/threaded
- http://www.securityfocus.com/archive/1/479695/100/0/threaded
- http://www.securityfocus.com/archive/1/479872/100/100/threaded
- http://www.securityfocus.com/archive/1/479872/100/100/threaded