CVE - CVE-2007-0018

CVE-ID
CVE-2007-0018	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:22196 URL:http://www.securityfocus.com/bid/22196 BID:23892 URL:http://www.securityfocus.com/bid/23892 BUGTRAQ:20070124 Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveXControl Buffer Overflow URL:http://www.securityfocus.com/archive/1/457965/100/200/threaded BUGTRAQ:20070124 Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX ControlBuffer Overflow URL:http://www.securityfocus.com/archive/1/457936/100/200/threaded BUGTRAQ:20070124 Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2ActiveX Control Buffer Overflow URL:http://www.securityfocus.com/archive/1/457940/100/200/threaded CERT-VN:VU#292713 URL:http://www.kb.cert.org/vuls/id/292713 MISC:http://secunia.com/blog/6/ MISC:http://secunia.com/secunia_research/2007-10/advisory/ MISC:http://secunia.com/secunia_research/2007-11/advisory/ MISC:http://secunia.com/secunia_research/2007-12/advisory/ MISC:http://secunia.com/secunia_research/2007-13/advisory/ MISC:http://secunia.com/secunia_research/2007-14/advisory/ MISC:http://secunia.com/secunia_research/2007-15/advisory/ MISC:http://secunia.com/secunia_research/2007-16/advisory/ MISC:http://secunia.com/secunia_research/2007-17/advisory/ MISC:http://secunia.com/secunia_research/2007-18/advisory/ MISC:http://secunia.com/secunia_research/2007-19/advisory/ MISC:http://secunia.com/secunia_research/2007-2/advisory/ MISC:http://secunia.com/secunia_research/2007-20/advisory/ MISC:http://secunia.com/secunia_research/2007-21/advisory/ MISC:http://secunia.com/secunia_research/2007-22/advisory/ MISC:http://secunia.com/secunia_research/2007-23/advisory/ MISC:http://secunia.com/secunia_research/2007-24/advisory/ MISC:http://secunia.com/secunia_research/2007-25/advisory/ MISC:http://secunia.com/secunia_research/2007-26/advisory/ MISC:http://secunia.com/secunia_research/2007-27/advisory/ MISC:http://secunia.com/secunia_research/2007-28/advisory/ MISC:http://secunia.com/secunia_research/2007-29/advisory/ MISC:http://secunia.com/secunia_research/2007-3/advisory/ MISC:http://secunia.com/secunia_research/2007-30/advisory/ MISC:http://secunia.com/secunia_research/2007-31/advisory/ MISC:http://secunia.com/secunia_research/2007-32/advisory/ MISC:http://secunia.com/secunia_research/2007-33/advisory/ MISC:http://secunia.com/secunia_research/2007-34/advisory/ MISC:http://secunia.com/secunia_research/2007-4/advisory/ MISC:http://secunia.com/secunia_research/2007-5/advisory/ MISC:http://secunia.com/secunia_research/2007-50/advisory/ MISC:http://secunia.com/secunia_research/2007-6/advisory/ MISC:http://secunia.com/secunia_research/2007-7/advisory/ MISC:http://secunia.com/secunia_research/2007-8/advisory/ MISC:http://secunia.com/secunia_research/2007-9/advisory/ SECUNIA:22922 URL:http://secunia.com/advisories/22922 SECUNIA:23475 URL:http://secunia.com/advisories/23475 SECUNIA:23485 URL:http://secunia.com/advisories/23485 SECUNIA:23493 URL:http://secunia.com/advisories/23493 SECUNIA:23495 URL:http://secunia.com/advisories/23495 SECUNIA:23511 URL:http://secunia.com/advisories/23511 SECUNIA:23516 URL:http://secunia.com/advisories/23516 SECUNIA:23530 URL:http://secunia.com/advisories/23530 SECUNIA:23532 URL:http://secunia.com/advisories/23532 SECUNIA:23534 URL:http://secunia.com/advisories/23534 SECUNIA:23535 URL:http://secunia.com/advisories/23535 SECUNIA:23536 URL:http://secunia.com/advisories/23536 SECUNIA:23541 URL:http://secunia.com/advisories/23541 SECUNIA:23542 URL:http://secunia.com/advisories/23542 SECUNIA:23543 URL:http://secunia.com/advisories/23543 SECUNIA:23544 URL:http://secunia.com/advisories/23544 SECUNIA:23546 URL:http://secunia.com/advisories/23546 SECUNIA:23548 URL:http://secunia.com/advisories/23548 SECUNIA:23550 URL:http://secunia.com/advisories/23550 SECUNIA:23551 URL:http://secunia.com/advisories/23551 SECUNIA:23552 URL:http://secunia.com/advisories/23552 SECUNIA:23553 URL:http://secunia.com/advisories/23553 SECUNIA:23554 URL:http://secunia.com/advisories/23554 SECUNIA:23557 URL:http://secunia.com/advisories/23557 SECUNIA:23558 URL:http://secunia.com/advisories/23558 SECUNIA:23560 URL:http://secunia.com/advisories/23560 SECUNIA:23561 URL:http://secunia.com/advisories/23561 SECUNIA:23562 URL:http://secunia.com/advisories/23562 SECUNIA:23565 URL:http://secunia.com/advisories/23565 SECUNIA:23568 URL:http://secunia.com/advisories/23568 SECUNIA:23745 URL:http://secunia.com/advisories/23745 SECUNIA:23753 URL:http://secunia.com/advisories/23753 SECUNIA:23795 URL:http://secunia.com/advisories/23795 SECUNIA:25993 URL:http://secunia.com/advisories/25993 SECUNIA:26046 URL:http://secunia.com/advisories/26046 SECUNIA:26100 URL:http://secunia.com/advisories/26100 SECUNIA:26101 URL:http://secunia.com/advisories/26101 SECUNIA:28407 URL:http://secunia.com/advisories/28407 SECUNIA:30406 URL:http://secunia.com/advisories/30406 SECUNIA:30424 URL:http://secunia.com/advisories/30424 SECUNIA:30439 URL:http://secunia.com/advisories/30439 SECUNIA:30446 URL:http://secunia.com/advisories/30446 SECUNIA:30447 URL:http://secunia.com/advisories/30447 SECUNIA:30450 URL:http://secunia.com/advisories/30450 SECUNIA:30459 URL:http://secunia.com/advisories/30459 VUPEN:ADV-2007-0310 URL:~~http://www.vupen.com/english/advisories/2007/0310~~ (Obsolete source) XF:nctaudiofile2-multiple-bo(31707) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/31707
Assigning CNA
Flexera Software LLC
Date Record Created
20070102	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070102)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)