U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2007-0018 Detail

Current Description

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.


View Analysis Description

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
http://secunia.com/advisories/22922 CVE, Flexera Software LLC
http://secunia.com/advisories/23475 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23485 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23493 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23495 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23511 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23516 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23530 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23532 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23534 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23535 CVE, Flexera Software LLC
http://secunia.com/advisories/23536 CVE, Flexera Software LLC
http://secunia.com/advisories/23541 CVE, Flexera Software LLC
http://secunia.com/advisories/23542 CVE, Flexera Software LLC
http://secunia.com/advisories/23543 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23544 CVE, Flexera Software LLC
http://secunia.com/advisories/23546 CVE, Flexera Software LLC
http://secunia.com/advisories/23548 CVE, Flexera Software LLC
http://secunia.com/advisories/23550 CVE, Flexera Software LLC
http://secunia.com/advisories/23551 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23552 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23553 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23554 CVE, Flexera Software LLC
http://secunia.com/advisories/23557 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23558 CVE, Flexera Software LLC
http://secunia.com/advisories/23560 CVE, Flexera Software LLC
http://secunia.com/advisories/23561 CVE, Flexera Software LLC
http://secunia.com/advisories/23562 CVE, Flexera Software LLC
http://secunia.com/advisories/23565 CVE, Flexera Software LLC
http://secunia.com/advisories/23568 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/23745 CVE, Flexera Software LLC
http://secunia.com/advisories/23753 CVE, Flexera Software LLC
http://secunia.com/advisories/23795 CVE, Flexera Software LLC
http://secunia.com/advisories/25993 CVE, Flexera Software LLC
http://secunia.com/advisories/26046 CVE, Flexera Software LLC
http://secunia.com/advisories/26100 CVE, Flexera Software LLC
http://secunia.com/advisories/26101 CVE, Flexera Software LLC
http://secunia.com/advisories/28407 CVE, Flexera Software LLC
http://secunia.com/advisories/30406 CVE, Flexera Software LLC
http://secunia.com/advisories/30424 CVE, Flexera Software LLC
http://secunia.com/advisories/30439 CVE, Flexera Software LLC
http://secunia.com/advisories/30446 CVE, Flexera Software LLC
http://secunia.com/advisories/30447 CVE, Flexera Software LLC
http://secunia.com/advisories/30450 CVE, Flexera Software LLC
http://secunia.com/advisories/30459 CVE, Flexera Software LLC
http://secunia.com/blog/6/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-10/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-11/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-12/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-13/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-14/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-15/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-16/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-17/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-18/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-19/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-2/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-20/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-21/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-22/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-23/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-24/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-25/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-26/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-27/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-28/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-29/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-3/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-30/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-31/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-32/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-33/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-34/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-4/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-5/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-50/advisory/ CVE, Flexera Software LLC
http://secunia.com/secunia_research/2007-6/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-7/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-8/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/secunia_research/2007-9/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://www.kb.cert.org/vuls/id/292713 CVE, Flexera Software LLC US Government Resource 
http://www.securityfocus.com/archive/1/457936/100/200/threaded CVE, Flexera Software LLC
http://www.securityfocus.com/archive/1/457940/100/200/threaded CVE, Flexera Software LLC
http://www.securityfocus.com/archive/1/457965/100/200/threaded CVE, Flexera Software LLC
http://www.securityfocus.com/bid/22196 CVE, Flexera Software LLC
http://www.securityfocus.com/bid/23892 CVE, Flexera Software LLC
http://www.vupen.com/english/advisories/2007/0310 CVE, Flexera Software LLC
https://exchange.xforce.ibmcloud.com/vulnerabilities/31707 CVE, Flexera Software LLC

Weakness Enumeration

CWE-ID CWE Name Source
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2007-0018
NVD Published Date:
01/24/2007
NVD Last Modified:
04/08/2025
Source:
Flexera Software LLC