{ "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2007-0018", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "23546", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23546" }, { "name": "23892", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23892" }, { "name": "http://secunia.com/secunia_research/2007-7/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-7/advisory/" }, { "name": "23535", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23535" }, { "name": "nctaudiofile2-multiple-bo(31707)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31707" }, { "name": "http://secunia.com/secunia_research/2007-12/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-12/advisory/" }, { "name": "23562", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23562" }, { "name": "http://secunia.com/secunia_research/2007-27/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-27/advisory/" }, { "name": "23536", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23536" }, { "name": "30459", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30459" }, { "name": "30406", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30406" }, { "name": "http://secunia.com/secunia_research/2007-29/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-29/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-24/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-24/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-8/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-8/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-9/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-9/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-13/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-13/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-20/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-20/advisory/" }, { "name": "23553", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23553" }, { "name": "23551", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23551" }, { "name": "23485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23485" }, { "name": "http://secunia.com/secunia_research/2007-50/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-50/advisory/" }, { "name": "23550", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23550" }, { "name": "http://secunia.com/secunia_research/2007-16/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-16/advisory/" }, { "name": "30447", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30447" }, { "name": "http://secunia.com/secunia_research/2007-28/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-28/advisory/" }, { "name": "23541", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23541" }, { "name": "26046", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26046" }, { "name": "23534", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23534" }, { "name": "http://secunia.com/secunia_research/2007-15/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-15/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-10/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-10/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-4/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-4/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-18/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-18/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-23/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-23/advisory/" }, { "name": "23516", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23516" }, { "name": "http://secunia.com/secunia_research/2007-14/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-14/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-19/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-19/advisory/" }, { "name": "25993", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25993" }, { "name": "http://secunia.com/secunia_research/2007-17/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-17/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-31/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-31/advisory/" }, { "name": "23495", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23495" }, { "name": "http://secunia.com/secunia_research/2007-32/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-32/advisory/" }, { "name": "23558", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23558" }, { "name": "http://secunia.com/secunia_research/2007-33/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-33/advisory/" }, { "name": "23544", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23544" }, { "name": "20070124 Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX ControlBuffer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457936/100/200/threaded" }, { "name": "23530", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23530" }, { "name": "23795", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23795" }, { "name": "http://secunia.com/secunia_research/2007-3/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-3/advisory/" }, { "name": "23543", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23543" }, { "name": "23552", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23552" }, { "name": "http://secunia.com/blog/6/", "refsource": "MISC", "url": "http://secunia.com/blog/6/" }, { "name": "23475", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23475" }, { "name": "23560", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23560" }, { "name": "30439", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30439" }, { "name": "20070124 Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2ActiveX Control Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457940/100/200/threaded" }, { "name": "http://secunia.com/secunia_research/2007-25/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-25/advisory/" }, { "name": "26100", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26100" }, { "name": "http://secunia.com/secunia_research/2007-34/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-34/advisory/" }, { "name": "20070124 Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveXControl Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457965/100/200/threaded" }, { "name": "http://secunia.com/secunia_research/2007-21/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-21/advisory/" }, { "name": "23548", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23548" }, { "name": "30446", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30446" }, { "name": "30424", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30424" }, { "name": "23561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23561" }, { "name": "23557", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23557" }, { "name": "http://secunia.com/secunia_research/2007-6/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-6/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-30/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-30/advisory/" }, { "name": "23745", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23745" }, { "name": "28407", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28407" }, { "name": "23493", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23493" }, { "name": "23511", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23511" }, { "name": "ADV-2007-0310", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0310" }, { "name": "23565", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23565" }, { "name": "http://secunia.com/secunia_research/2007-5/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-5/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-11/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-11/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-22/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-22/advisory/" }, { "name": "http://secunia.com/secunia_research/2007-26/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-26/advisory/" }, { "name": "22922", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22922" }, { "name": "30450", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30450" }, { "name": "http://secunia.com/secunia_research/2007-2/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-2/advisory/" }, { "name": "23568", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23568" }, { "name": "23532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23532" }, { "name": "26101", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26101" }, { "name": "23753", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23753" }, { "name": "23542", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23542" }, { "name": "VU#292713", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/292713" }, { "name": "23554", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23554" }, { "name": "22196", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22196" } ] } }