CVE-2007-3314

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://vuln.sg/salamander25-en.html	Exploit
http://secunia.com/advisories/25732	Vendor Advisory
http://www.securityfocus.com/bid/24557
http://osvdb.org/37579
http://www.vupen.com/english/advisories/2007/2268
https://exchange.xforce.ibmcloud.com/vulnerabilities/34938

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:altap:servant_salamander:2.5:::::::*
	cpe:2.3:a:altap:portable_executable_viewer:2.02::english_trial:::::

Configuration 2 (hide)

OR	cpe:2.3:a:altap:portable_executable_viewer:1.00::english_trial:::::
	cpe:2.3:a:altap:servant_salamander:2.0:::::::*

Information

Published : 2007-06-21 11:30

Updated : 2017-07-28 18:32

NVD link : CVE-2007-3314

Mitre link : CVE-2007-3314

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

altap

servant_salamander
portable_executable_viewer

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://vuln.sg/salamander25-en.html", "name": "http://vuln.sg/salamander25-en.html", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://secunia.com/advisories/25732", "name": "25732", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/24557", "name": "24557", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/37579", "name": "37579", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/2268", "name": "ADV-2007-2268", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34938", "name": "salamander-peviewer-bo(34938)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-3314", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2007-06-21T18:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:altap:servant_salamander:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:altap:portable_executable_viewer:2.02:*:english_trial:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:altap:portable_executable_viewer:1.00:*:english_trial:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:altap:servant_salamander:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:32Z"}