CVE-2007-3695

EPSS 1.28%
Veröffentlicht 11.07.2007 22:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename.  NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhaps the issue does not cross privilege boundaries and should not be included in CVE.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Broadcom ≫ Erwin Process Modeler Version7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.28%	0.777

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://osvdb.org/39597

http://www.eleytt.com/advisories/eleytt_ALLFUSIONLICRCMD.pdf

Vendor Advisory

http://www.securityfocus.com/bid/24817

https://nvd.nist.gov/vuln/detail/CVE-2007-3695

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-3695

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-3695

EUVD