Vulnerability Details : CVE-2007-3314
Public exploit exists!
Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file.
Vulnerability category: OverflowExecute code
Products affected by CVE-2007-3314
- cpe:2.3:a:altap:portable_executable_viewer:2.02:*:english_trial:*:*:*:*:*
- cpe:2.3:a:altap:portable_executable_viewer:1.00:*:english_trial:*:*:*:*:*
- cpe:2.3:a:altap:servant_salamander:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:altap:servant_salamander:2.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3314
94.70%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-3314
-
Altap Salamander 2.5 PE Viewer Buffer Overflow
Disclosure Date: 2007-06-19First seen: 2020-04-26exploit/windows/fileformat/altap_salamander_pdbThis module exploits a buffer overflow in Altap Salamander <= v2.5. By creating a malicious file and convincing a user to view the file with the Portable Executable Viewer plugin within a vulnerable version of Salamander, the PDB file string is copied onto th
CVSS scores for CVE-2007-3314
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2007-3314
-
http://vuln.sg/salamander25-en.html
[vuln.sg] Altap Salamander PE Viewer Buffer Overflow VulnerabilityExploit
-
http://www.vupen.com/english/advisories/2007/2268
-
http://www.securityfocus.com/bid/24557
Altap Servant Salamander PE File Handling Buffer Overflow Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/34938
Jump to