CVE-2007-6510

Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and (3) QuadraComposer rippers; and (4) have an unknown impact via a crafted file to the SkytPacker ripper.

Link	Resource
http://aluigi.altervista.org/adv/prowizbof-adv.txt
http://aluigi.org/poc/prowizbof.zip
http://www.securityfocus.com/bid/26953
http://secunia.com/advisories/28173	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39152

Configuration 1

cpe:2.3:a:prowizard:prowizard_4_pc:1.49.3:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.60:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.50b1:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.49.4:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.49.0:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.50b3:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:*:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.52:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.49.2:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.46:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.51:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.48:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.47:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.50b2:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.61:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.44.005:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.50:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.40:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.45.c3:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.49.1:*:*:*:*:*:*:* cpe:2.3:a:prowizard:prowizard_4_pc:1.0:*:*:*:*:*:*:*

---

Published : 2007-12-21 07:46

Updated : 2017-08-08 01:29

---

NVD link : CVE-2007-6510

Mitre link : CVE-2007-6510

No products.

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer