CVE-2007-1559 - Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote

CVE-2007-1559

Summary

Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.

References

http://osvdb.org/34779
http://secunia.com/advisories/22251
http://secunia.com/secunia_research/2007-46/advisory/
http://www.securityfocus.com/bid/23412
http://www.securitytracker.com/id?1017906
http://www.vupen.com/english/advisories/2007/1337
https://exchange.xforce.ibmcloud.com/vulnerabilities/33590

Vulnerable Configurations

cpe:2.3:a:roxio:cineplayer:3.2:*:*:*:*:*:*:*
cpe:2.3:a:roxio:cineplayer:3.2:*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 29-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	23412
misc	http://secunia.com/secunia_research/2007-46/advisory/
osvdb	34779
sectrack	1017906
secunia	22251
vupen	ADV-2007-1337
xf	cineplayer-sonicmediaplayer-bo(33590)

Last major update

29-07-2017 - 01:30

Published

11-04-2007 - 22:19

Last modified

29-07-2017 - 01:30