ID CVE-2007-3695
Summary Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhaps the issue does not cross privilege boundaries and should not be included in CVE.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:erwin_process_modeler:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:erwin_process_modeler:7.1:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 09-04-2021 - 13:53)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 24817
misc http://www.eleytt.com/advisories/eleytt_ALLFUSIONLICRCMD.pdf
osvdb 39597
Last major update 09-04-2021 - 13:53
Published 11-07-2007 - 22:30
Last modified 09-04-2021 - 13:53
Back to Top