CVE-2007-1344
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-1344
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which causes a heap-based overflow. NOTE: some of these details are obtained from third party information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ezstream 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ezstream是一个应用软件。一个用于媒体流的命令行源客户端,主要用于流式传输到 Icecast 服务器。 Ezstream处理用户请求时存在安全漏洞,远程攻击者可能利用这些漏洞,在用户机器上执行任意指令。Ezstream的src/ezstream.c文件中urlParse()函数存在栈溢出漏洞,ReplaceString()函数中存在堆溢出漏洞。如果用户打开了特制的xml配置文件的话就会触发这些溢出,导致执行任意指令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-1344
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-1344
请登录查看更多情报信息。
- http://www.icecast.org/ezstream.php#ez_relnotesx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2007-1344
Same Patch Batch · n/a · 2007-03-08 · 12 CVEs total
| CVE-2007-1359 | Mod_Security ASCIIZ字节绕过安全限制漏洞 | |
| CVE-2007-1360 | Drupal Nodefamily 模块 访问控制绕过漏洞 | |
| CVE-2007-1361 | VirtueMart virtuemart_parser.php 跨站脚本攻击漏洞 | |
| CVE-2007-1346 | Sun Ipmitool接口远程非授权访问漏洞 | |
| CVE-2007-1347 | Microsoft Windows Explorer Office文件摘要信息 拒绝服务攻击漏洞 | |
| CVE-2007-1339 | Monitor-Line Links Management Index.PHP SQL注入漏洞 | |
| CVE-2007-1340 | News-Letterman eintrag.php 远程文件包含漏洞 | |
| CVE-2007-1341 | Simple Invoices "include/auth/auth.php" 敏感信息泄露漏洞 | |
| CVE-2007-1342 | Jelsoft vBulletin "admincp/index.php" 跨站脚本攻击漏洞 | |
| CVE-2007-1343 | Craig Knudsen WebCalendar includes/functions.php文件 任意变量重写漏洞 | |
| CVE-2007-1350 | Novell NetMail HTTP基本认证超长用户名远程缓冲区溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2007-1344
No comments yet