CVE-2007-0324 - Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers

CVE-2007-0324

Summary

Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:lizardtech:djvu_browser_plug-in:6.0:*:*:*:*:*:*:*
cpe:2.3:a:lizardtech:djvu_browser_plug-in:6.0:*:*:*:*:*:*:*
cpe:2.3:a:lizardtech:djvu_browser_plug-in:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:lizardtech:djvu_browser_plug-in:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:lizardtech:djvu_browser_plug-in:6.1:*:*:*:*:*:*:*
cpe:2.3:a:lizardtech:djvu_browser_plug-in:6.1:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 16-10-2018 - 16:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	22569
bugtraq	20070215 Lizardtech DjVu Browser Plug-in - Multiple Vulnerabilities
cert-vn	VU#522393
misc	http://www.lizardtech.com/products/doc/djvupluginrelease.php
osvdb	33199
secunia	24149
sreason	2259
vupen	ADV-2007-0618
xf	djvu-browser-multiple-bo(32510)

Last major update

16-10-2018 - 16:32

Published

15-02-2007 - 23:28

Last modified

16-10-2018 - 16:32