CVE-2007-0018
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-0018
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NCTsoft NCTAudioFile2 ActiveX控件远程栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NCTAudioFile2是NCTsoft提供的一个ActiveX控件,用于处理音频数据。 NCTAudioFile2 ActiveX控件在处理带有畸形参数的SetFormatLikeSample()方法时存在栈溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。如果攻击者能够向该方式发送超过4124字节的超长参数时,就可以触发这个溢出,导致执行任意指令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-0018
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-0018
请登录查看更多情报信息。
- http://secunia.com/secunia_research/2007-12/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-23/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-24/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-18/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-32/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-8/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-2/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-14/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-17/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-16/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-31/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-15/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-27/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-7/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-28/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-30/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-25/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-11/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-4/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-29/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-20/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-19/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-33/advisory/x_refsource_MISC
- http://secunia.com/blog/6/x_refsource_MISC
- http://secunia.com/secunia_research/2007-6/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-50/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-3/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-9/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-5/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-26/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-34/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-21/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-22/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-13/advisory/x_refsource_MISC
- http://secunia.com/secunia_research/2007-10/advisory/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2007-0018
Same Patch Batch · n/a · 2007-01-24 · 13 CVEs total
| CVE-2006-6952 | CA多个产品驱动本地权限提升漏洞 | |
| CVE-2007-0444 | Citrix Presentation/MetaFrame Server cpprov.dll畸形参数栈缓冲区溢出漏洞 | |
| CVE-2007-0010 | GTK2 GdkPixbufLoader函数远程拒绝服务漏洞 | |
| CVE-2005-4824 | Siteframe web/classes.php PHP远程文件包含漏洞 | |
| CVE-2007-0020 | Transmit "sftp://" URI处理器堆溢出漏洞 | |
| CVE-2007-0023 | Apple UserNotificationCenter本地权限提升漏洞 | |
| CVE-2007-0460 | SUSE Linux Ulogd 多个缓冲区溢出漏洞 | |
| CVE-2007-0461 | Dazuko anti-virus helper模块拒绝服务攻击漏洞 | |
| CVE-2007-0468 | Microsoft Visual Studio C++ (.RC) 'rcdll.dll' 栈缓存溢出漏洞 | |
| CVE-2007-0469 | RubyGems 'installer.rb' extract_files函数拒绝服务攻击漏洞 | |
| CVE-2007-0470 | Sun Solaris tip工具本地权限提升漏洞 | |
| CVE-2007-0471 | CheckPoint Connectra端点绕过安全检测漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2007-0018
No comments yet