CVE-2007-4463

Name: CVE-2007-4463
Creator: NVD / NIST
Published: 2007-08-21T21:17:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.48%

Last modified Jun 16, 2026

CVE-2007-4463 is a vulnerability of currently unknown severity. The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to cause a denial of service (unhandled exception) via an invalid RVA address function pointer in (1) an IMAGE_THUNK_DATA structure, involving the (a) OriginalFirstThunk and (b) FirstThunk IMAGE_IMPORT_DESCRIPTOR fields, or (2) the AddressOfNames IMAGE_EXPORT_DIRECTORY field in a PE file.. EPSS estimates a 3.48% chance of exploitation in the next 30 days.

Description

The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to cause a denial of service (unhandled exception) via an invalid RVA address function pointer in (1) an IMAGE_THUNK_DATA structure, involving the (a) OriginalFirstThunk and (b) FirstThunk IMAGE_IMPORT_DESCRIPTOR fields, or (2) the AddressOfNames IMAGE_EXPORT_DIRECTORY field in a PE file.

Metrics

EPSS Probability

3.48%

87.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Fransois Gannier	Fileinfo Plugin	2.09
Ghisler	Total Commander	All versions

References

Timeline

Published: Aug 21, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-4463?

How severe is CVE-2007-4463?

Severity scoring for CVE-2007-4463 is pending analysis. The EPSS model estimates a 3.48% probability of exploitation in the next 30 days.

How do I fix CVE-2007-4463?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-4463?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST