CVE Vulnerability

CVE-2007-0164

Camouflage 1.2.1 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing certain bytes of the JPEG image with alternate password information.

7.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://homepage.mac.com/adonismac/Advisory/steg/camouflage.html Exploit Vendor Advisory
http://www.securityfocus.com/bid/21939
http://secunia.com/advisories/23578 Vendor Advisory
http://osvdb.org/32651
https://exchange.xforce.ibmcloud.com/vulnerabilities/31375
http://www.securityfocus.com/archive/1/456541/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:camouflage:camouflage:1.2.1:*:*:*:*:*:*:*
Information

Published : 2007-01-10 12:28

Updated : 2018-10-16 04:31

NVD link : CVE-2007-0164

Mitre link : CVE-2007-0164

Products Affected
No products.
CWE
CWE-602