Vulnerability Details CVE-2007-0320
Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.074
EPSS Ranking 91.2%
CVSS Severity
CVSS v2 Score 9.3
References
- http://osvdb.org/33530
- http://osvdb.org/33531
- http://secunia.com/advisories/24285
- http://www.kb.cert.org/vuls/id/181041
- http://www.kb.cert.org/vuls/id/MAPG-6UQUDP
- http://www.securityfocus.com/bid/22672
- http://www.vupen.com/english/advisories/2007/0705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32645
- http://osvdb.org/33530
- http://osvdb.org/33531
- http://secunia.com/advisories/24285
- http://www.kb.cert.org/vuls/id/181041
- http://www.kb.cert.org/vuls/id/MAPG-6UQUDP
- http://www.securityfocus.com/bid/22672
- http://www.vupen.com/english/advisories/2007/0705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32645
Products affected by CVE-2007-0320
-
cpe:2.3:a:macrovision:installfromtheweb:*