CVE-2007-0320

high

Description

Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32645

http://www.vupen.com/english/advisories/2007/0705

http://www.securityfocus.com/bid/22672

http://www.kb.cert.org/vuls/id/MAPG-6UQUDP

http://www.kb.cert.org/vuls/id/181041

http://secunia.com/advisories/24285

http://osvdb.org/33531

http://osvdb.org/33530

Details

Source: Mitre, NVD

Published: 2007-02-23

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H