Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-4916

EPSS 71.88% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4916

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft MFC库CFileFind::FindFile堆溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Windows系统中所提供的MFC42和MFC71库的CFileFind类在处理FindFile()函数参数时存在堆溢出漏洞,本地攻击者可能利用此漏洞提升自己的权限。 MFC[42|71].dll@CFileFind::FindFile(char const *,unsigned long) .text:73D6CD3F mov edi, edi .text:73D6CD41 push ebp .text:73D
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-4916

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-4916

登录查看更多情报信息。

Same Patch Batch · n/a · 2007-09-17 · 25 CVEs total

CVE-2007-4919JBlog id参数多个SQL注入漏洞
CVE-2007-4908AuraCMS Index.PHP 本地文件包含漏洞
CVE-2007-4907Qualiteam X-Cart xcart_dir 多个远程文件包含漏洞
CVE-2007-4906NuclearBB NuclearBB NuclearBB Alpha 代码注入漏洞
CVE-2007-4905AuraCMS mod/contak.php 任意文件上传漏洞
CVE-2007-4904RealNetworks RealPlayer 数字错误漏洞
CVE-2007-4903Ultra Crypto Component CryptoX.dll控件远程溢出漏洞
CVE-2007-4902Ultra Crypto Component SaveToFile方式任意文件覆盖漏洞
CVE-2007-4923Joomla! Joomla!Radio组件本地文件包含漏洞
CVE-2007-4922模块jeuxflash for Kwsphp id参数SQL注入漏洞
CVE-2007-4921Ajax File Browser 代码注入漏洞
CVE-2007-4920PHP Webquest Soporte_Derecha_W.PHP Parameter SQL注入漏洞
CVE-2007-3379Red Hat Enterprise Linux (RHEL) 4 内核拒绝服务攻击漏洞
CVE-2007-4918Gelato CMS Index.PHP SQL注入漏洞
CVE-2007-4917Php-Stats Tracking.PHP 跨站脚本攻击漏洞
CVE-2007-4915Intersil Boa Webserver 输入验证漏洞
CVE-2007-4914Invision Power Board用户配置文件和订单管理器多个输入验证漏洞
CVE-2007-4913Invision Invision Power Services Invision Power Board 代码注入漏洞
CVE-2007-4912Invision Power Board用户配置文件和订单管理器多个输入验证漏洞
CVE-2007-4911jetCast Server HTTP请求远程拒绝服务漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-4916

No comments yet

Leave a comment