製品・ソフトウェアに関する情報
Vulnerability Search
複数の製品で使用される NCTAudioFile2.dll におけるスタックベースのバッファオーバーフローの脆弱性
Title 複数の製品で使用される NCTAudioFile2.dll におけるスタックベースのバッファオーバーフローの脆弱性
Summary

複数の製品で使用される NCTAudioFile2.AudioFile ActiveX コントロール (NCTAudioFile2.dll) には、スタックベースのバッファオーバーフローの脆弱性が存在します。

Possible impacts 第三者により、SetFormatLikeSample 関数への過度に長い引数を介して、任意のコードを実行される可能性があります。
Solution

ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date Jan. 24, 2007, midnight
Registration Date June 26, 2012, 3:38 p.m.
Last Update June 26, 2012, 3:38 p.m.
CVSS2.0 : 危険
Score 9.3
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected System
nctsoft products
nctaudiofile2 
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
その他
Change Log
No Changed Details Date of change
0 [2012年06月26日]
  掲載		 Feb. 17, 2018, 10:37 a.m.
NVD Vulnerability Information
CVE-2007-0018
Summary

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.

Publication Date Jan. 25, 2007, 6:28 a.m.
Registration Date Jan. 29, 2021, 2:04 p.m.
Last Update Oct. 17, 2018, 1:30 a.m.
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:a:altdo:convert_mp3_master:1.1:*:*:*:*:*:*:*
cpe:2.3:a:altdo:mp3_record_and_edit_audio_master:1.2:*:*:*:*:*:*:*
cpe:2.3:a:americanshareware:mp3_wav_converter:3.1.8:*:*:*:*:*:*:*
cpe:2.3:a:audio_edit_magic:audio_edit_magic:9.2.3_389:*:*:*:*:*:*:*
cpe:2.3:a:bearshare:bearshare:6.0.2.26789:*:*:*:*:*:*:*
cpe:2.3:a:cdburnerxp:cdburnerxp_pro:3.0.116:*:*:*:*:*:*:*
cpe:2.3:a:cheetahburner:cheetah_cd_burner:3.56:*:*:*:*:*:*:*
cpe:2.3:a:cheetahburner:cheetah_dvd_burner:1.79:*:*:*:*:*:*:*
cpe:2.3:a:code-it_softare:abasic_editor:10.1:*:*:*:*:*:*:*
cpe:2.3:a:code-it_softare:wave_mp3_editor:10.1:*:*:*:*:*:*:*
cpe:2.3:a:dandans_digital_media_products:easy_audio_editor:7.4:*:*:*:*:*:*:*
cpe:2.3:a:dandans_digital_media_products:full_audio_converter:4.2:*:*:*:*:*:*:*
cpe:2.3:a:dandans_digital_media_products:music_editing_master:5.2:*:*:*:*:*:*:*
cpe:2.3:a:dandans_digital_media_products:visual_video_converter:4.4:*:*:*:*:*:*:*
cpe:2.3:a:digital_borneo:audio_mixer_and_editor:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:easy_ringtone_maker:easy_ringtone_maker:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:expstudio:audio_editor:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:iaudiosoft.com:absolute_mp3_splitter:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:iaudiosoft.com:absolute_sound_recorder:3.4.5:*:*:*:*:*:*:*
cpe:2.3:a:iaudiosoft.com:absolute_video_to_audio_converter:2.7.9:*:*:*:*:*:*:*
cpe:2.3:a:imesh.com:imesh:7.0.2.26789:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_audio_concat:1.2.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_audio_editor:4.7.11:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_audio_tools:7.3.4:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_magic_music:5.7.7:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_movie_joiner:6.2.8:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_movie_joiner_and_splitter:6.2.8:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_movie_splitter:6.4.7:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_new_sound:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:j_hepple_products:fx_video_converter:7.51.21:*:*:*:*:*:*:*
cpe:2.3:a:joshua_mediasoft:audio_convertor_plus:2.2:*:*:*:*:*:*:*
cpe:2.3:a:joshua_mediasoft:video_converter_plus:3.01:*:*:*:*:*:*:*
cpe:2.3:a:magicvideosoftare:magic_audio_converter:8.2.6_build_719:*:*:*:*:*:*:*
cpe:2.3:a:magicvideosoftare:magic_audio_recorder:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:magicvideosoftare:magic_music_editor:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mcfunsoft:audio_editor:6.3.3_build_489:*:*:*:*:*:*:*
cpe:2.3:a:mcfunsoft:audio_recorder_for_free:6.1:*:*:*:*:*:*:*
cpe:2.3:a:mcfunsoft:audio_studio:6.6.3_build_479:*:*:*:*:*:*:*
cpe:2.3:a:mcfunsoft:ipod_audio_studio:6.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mcfunsoft:ipod_music_converter:5.1:*:*:*:*:*:*:*
cpe:2.3:a:mcfunsoft:recording_to_ipod_solution:5.1:*:*:*:*:*:*:*
cpe:2.3:a:mediatox:aurora_media_workshop:3.3.25:*:*:*:*:*:*:*
cpe:2.3:a:movavi:chiliburner:2.3:*:*:*:*:*:*:*
cpe:2.3:a:movavi:convertmovie:4.4:*:*:*:*:*:*:*
cpe:2.3:a:movavi:dvd_to_ipod:1.0:*:*:*:*:*:*:*
cpe:2.3:a:movavi:splitmovie:1.4:*:*:*:*:*:*:*
cpe:2.3:a:movavi:suite:3.5:*:*:*:*:*:*:*
cpe:2.3:a:movavi:videomessage:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mp3-soft:mp3_normalizer:1.03:*:*:*:*:*:*:*
cpe:2.3:a:mystik_media_products:audioedit_deluxe:4.10:*:*:*:*:*:*:*
cpe:2.3:a:mystik_media_products:blaze_media_pro:7.0:*:*:*:*:*:*:*
cpe:2.3:a:mystik_media_products:blaze_mediaconvert:3.4:*:*:*:*:*:*:*
cpe:2.3:a:mystik_media_products:contextconvert_pro:3.1:*:*:*:*:*:*:*
cpe:2.3:a:nctsoft_products:nctaudioeditor:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:nctsoft_products:nctaudiofile2:*:*:*:*:*:*:*:*
cpe:2.3:a:nctsoft_products:nctaudiostudio:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:nctsoft_products:nctdialogicvoice:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:nextlevel_systems:audio_editor_gold:9.2.5_build_424:*:*:*:*:*:*:*
cpe:2.3:a:nextlevel_systems:audio_studio_gold:7.0.1.1_build_500:*:*:*:*:*:*:*
cpe:2.3:a:quikscribe:quikscribe_player:5.022.05:*:*:*:*:*:*:*
cpe:2.3:a:quikscribe:quikscribe_recorder:5.021.29:*:*:*:*:*:*:*
cpe:2.3:a:recordnrip:recordnrip:1.0:*:*:*:*:*:*:*
cpe:2.3:a:rmbsoft:audioconvert:3.1.0.125:*:*:*:*:*:*:*
cpe:2.3:a:rmbsoft:soundedit_pro:2.1:*:*:*:*:*:*:*
cpe:2.3:a:roemer_software:easy_hi-q_converter:1.7:*:*:*:*:*:*:*
cpe:2.3:a:roemer_software:easy_hi-q_recorder:2.0:*:*:*:*:*:*:*
cpe:2.3:a:roemer_software:free_hi-q_recorder:1.9:*:*:*:*:*:*:*
cpe:2.3:a:sienzo:digital_music_mentor:2.6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:smart_media_systems:power_audio_editor:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:softdiv_softare:dexster:3.0:*:*:*:*:*:*:*
cpe:2.3:a:softdiv_softare:ivideomax:3.9:*:*:*:*:*:*:*
cpe:2.3:a:softdiv_softare:mp3_to_wav_converter:3.0:*:*:*:*:*:*:*
cpe:2.3:a:softdiv_softare:snosh:1.4:*:*:*:*:*:*:*
cpe:2.3:a:softdiv_softare:videozilla:2.5:*:*:*:*:*:*:*
cpe:2.3:a:virtual_cd:virtual_cd:6.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:virtual_cd:virtual_cd:7.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:virtual_cd:virtual_cd:8.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:virtual_cd:virtual_cd_file_server:7.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:xrlly_software:arial_audio_converter:2.3.40:*:*:*:*:*:*:*
cpe:2.3:a:xrlly_software:arial_sound_recorder:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:xrlly_software:text_to_speech_maker:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:xwaver.com:magic_audio_editor_pro:10.3.1_build_476:*:*:*:*:*:*:*
cpe:2.3:a:xwaver.com:magic_music_studio_pro:7.0.2.1_build_500:*:*:*:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List