CVE-2007-0348

Name: CVE-2007-0348
Creator: NVD / NIST
Published: 2007-03-21T19:19:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 35.14%

Last modified Jun 16, 2026

CVE-2007-0348 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.. EPSS estimates a 35.14% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.

Metrics

EPSS Probability

35.14%

98.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Interactual Technologies	Interactual Player	2.60.12.0717
Intervideo	Windvd	7.0.27.172
Roxio	Cineplayer	3.2

References

http://osvdb.org/34314
http://osvdb.org/34315
http://secunia.com/advisories/23032Vendor Advisory
http://secunia.com/advisories/23075Vendor Advisory
http://secunia.com/advisories/24556Vendor Advisory
http://secunia.com/secunia_research/2007-37/advisory/Vendor Advisory
http://www.kb.cert.org/vuls/id/922969US Government Resource
http://www.securityfocus.com/archive/1/463405/100/0/threaded
http://www.securityfocus.com/bid/23071
http://www.vupen.com/english/advisories/2007/1042Vendor Advisory
http://www.vupen.com/english/advisories/2007/1043Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33186
http://osvdb.org/34314
http://osvdb.org/34315
http://secunia.com/advisories/23032Vendor Advisory
http://secunia.com/advisories/23075Vendor Advisory
http://secunia.com/advisories/24556Vendor Advisory
http://secunia.com/secunia_research/2007-37/advisory/Vendor Advisory
http://www.kb.cert.org/vuls/id/922969US Government Resource
http://www.securityfocus.com/archive/1/463405/100/0/threaded
http://www.securityfocus.com/bid/23071
http://www.vupen.com/english/advisories/2007/1042Vendor Advisory
http://www.vupen.com/english/advisories/2007/1043Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33186

Timeline

Published: Mar 21, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-0348?

How severe is CVE-2007-0348?

Severity scoring for CVE-2007-0348 is pending analysis. The EPSS model estimates a 35.14% probability of exploitation in the next 30 days.

How do I fix CVE-2007-0348?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-0348?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST