RSS   Vulnerabilities for 'Alpass'   RSS

2007-08-27
 
CVE-2007-4550

CWE-134
 

 
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.

 
 
CVE-2007-4549

CWE-119
 

 
Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than the plaintext_length value.

 

 >>> Vendor: Altools 4 Products
Alzip
Alftp ftp server
Alpass
Alsong


Copyright 2024, cxsecurity.com

 

Back to Top