Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.

Project Subscriptions

Vendors Products
Convert Mp3 Master Subscribe
Mp3 Record And Edit Audio Master Subscribe
Americanshareware Subscribe
Mp3 Wav Converter Subscribe
Audio Edit Magic Subscribe
Audio Edit Magic Subscribe
Bearshare Subscribe
Bearshare Subscribe
Cdburnerxp Subscribe
Cdburnerxp Pro Subscribe
Cheetahburner Subscribe
Cheetah Cd Burner Subscribe
Cheetah Dvd Burner Subscribe
Code-it Softare Subscribe
Abasic Editor Subscribe
Wave Mp3 Editor Subscribe
Dandans Digital Media Products Subscribe
Easy Audio Editor Subscribe
Full Audio Converter Subscribe
Music Editing Master Subscribe
Visual Video Converter Subscribe
Digital Borneo Subscribe
Audio Mixer And Editor Subscribe
Easy Ringtone Maker Subscribe
Easy Ringtone Maker Subscribe
Expstudio Subscribe
Audio Editor Subscribe
Iaudiosoft.com Subscribe
Absolute Mp3 Splitter Subscribe
Absolute Sound Recorder Subscribe
Absolute Video To Audio Converter Subscribe
Imesh.com Subscribe
J Hepple Products Subscribe
Fx Audio Concat Subscribe
Fx Audio Editor Subscribe
Fx Audio Tools Subscribe
Fx Magic Music Subscribe
Fx Movie Joiner Subscribe
Fx Movie Joiner And Splitter Subscribe
Fx Movie Splitter Subscribe
Fx New Sound Subscribe
Fx Video Converter Subscribe
Joshua Mediasoft Subscribe
Audio Convertor Plus Subscribe
Video Converter Plus Subscribe
Magicvideosoftare Subscribe
Magic Audio Converter Subscribe
Magic Audio Recorder Subscribe
Magic Music Editor Subscribe
Mcfunsoft Subscribe
Audio Editor Subscribe
Audio Recorder For Free Subscribe
Audio Studio Subscribe
Ipod Audio Studio Subscribe
Ipod Music Converter Subscribe
Recording To Ipod Solution Subscribe
Mediatox Subscribe
Aurora Media Workshop Subscribe
Chiliburner Subscribe
Convertmovie Subscribe
Dvd To Ipod Subscribe
Splitmovie Subscribe
Videomessage Subscribe
Mp3-soft Subscribe
Mp3 Normalizer Subscribe
Mystik Media Products Subscribe
Audioedit Deluxe Subscribe
Blaze Media Pro Subscribe
Blaze Mediaconvert Subscribe
Contextconvert Pro Subscribe
Nctsoft Products Subscribe
Nctaudioeditor Subscribe
Nctaudiofile2 Subscribe
Nctaudiostudio Subscribe
Nctdialogicvoice Subscribe
Nextlevel Systems Subscribe
Audio Editor Gold Subscribe
Audio Studio Gold Subscribe
Quikscribe Subscribe
Quikscribe Player Subscribe
Quikscribe Recorder Subscribe
Recordnrip Subscribe
Recordnrip Subscribe
Rmbsoft Subscribe
Audioconvert Subscribe
Soundedit Pro Subscribe
Roemer Software Subscribe
Easy Hi-q Converter Subscribe
Easy Hi-q Recorder Subscribe
Free Hi-q Recorder Subscribe
Digital Music Mentor Subscribe
Smart Media Systems Subscribe
Power Audio Editor Subscribe
Softdiv Softare Subscribe
Dexster Subscribe
Ivideomax Subscribe
Mp3 To Wav Converter Subscribe
Videozilla Subscribe
Virtual Cd Subscribe
Virtual Cd Subscribe
Virtual Cd File Server Subscribe
Xrlly Software Subscribe
Arial Audio Converter Subscribe
Arial Sound Recorder Subscribe
Text To Speech Maker Subscribe
Xwaver.com Subscribe
Magic Audio Editor Pro Subscribe
Magic Music Studio Pro Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
Link Providers
http://secunia.com/advisories/22922 cve-icon cve-icon
http://secunia.com/advisories/23475 cve-icon cve-icon
http://secunia.com/advisories/23485 cve-icon cve-icon
http://secunia.com/advisories/23493 cve-icon cve-icon
http://secunia.com/advisories/23495 cve-icon cve-icon
http://secunia.com/advisories/23511 cve-icon cve-icon
http://secunia.com/advisories/23516 cve-icon cve-icon
http://secunia.com/advisories/23530 cve-icon cve-icon
http://secunia.com/advisories/23532 cve-icon cve-icon
http://secunia.com/advisories/23534 cve-icon cve-icon
http://secunia.com/advisories/23535 cve-icon cve-icon
http://secunia.com/advisories/23536 cve-icon cve-icon
http://secunia.com/advisories/23541 cve-icon cve-icon
http://secunia.com/advisories/23542 cve-icon cve-icon
http://secunia.com/advisories/23543 cve-icon cve-icon
http://secunia.com/advisories/23544 cve-icon cve-icon
http://secunia.com/advisories/23546 cve-icon cve-icon
http://secunia.com/advisories/23548 cve-icon cve-icon
http://secunia.com/advisories/23550 cve-icon cve-icon
http://secunia.com/advisories/23551 cve-icon cve-icon
http://secunia.com/advisories/23552 cve-icon cve-icon
http://secunia.com/advisories/23553 cve-icon cve-icon
http://secunia.com/advisories/23554 cve-icon cve-icon
http://secunia.com/advisories/23557 cve-icon cve-icon
http://secunia.com/advisories/23558 cve-icon cve-icon
http://secunia.com/advisories/23560 cve-icon cve-icon
http://secunia.com/advisories/23561 cve-icon cve-icon
http://secunia.com/advisories/23562 cve-icon cve-icon
http://secunia.com/advisories/23565 cve-icon cve-icon
http://secunia.com/advisories/23568 cve-icon cve-icon
http://secunia.com/advisories/23745 cve-icon cve-icon
http://secunia.com/advisories/23753 cve-icon cve-icon
http://secunia.com/advisories/23795 cve-icon cve-icon
http://secunia.com/advisories/25993 cve-icon cve-icon
http://secunia.com/advisories/26046 cve-icon cve-icon
http://secunia.com/advisories/26100 cve-icon cve-icon
http://secunia.com/advisories/26101 cve-icon cve-icon
http://secunia.com/advisories/28407 cve-icon cve-icon
http://secunia.com/advisories/30406 cve-icon cve-icon
http://secunia.com/advisories/30424 cve-icon cve-icon
http://secunia.com/advisories/30439 cve-icon cve-icon
http://secunia.com/advisories/30446 cve-icon cve-icon
http://secunia.com/advisories/30447 cve-icon cve-icon
http://secunia.com/advisories/30450 cve-icon cve-icon
http://secunia.com/advisories/30459 cve-icon cve-icon
http://secunia.com/blog/6/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-10/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-11/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-12/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-13/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-14/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-15/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-16/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-17/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-18/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-19/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-2/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-20/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-21/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-22/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-23/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-24/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-25/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-26/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-27/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-28/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-29/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-3/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-30/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-31/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-32/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-33/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-34/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-4/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-5/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-50/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-6/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-7/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-8/advisory/ cve-icon cve-icon
http://secunia.com/secunia_research/2007-9/advisory/ cve-icon cve-icon
http://www.kb.cert.org/vuls/id/292713 cve-icon cve-icon
http://www.securityfocus.com/archive/1/457936/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/457940/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/457965/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/22196 cve-icon cve-icon
http://www.securityfocus.com/bid/23892 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/0310 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/31707 cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: flexera

Published:

Updated: 2024-08-07T12:03:36.587Z

Reserved: 2007-01-02T05:00:00.000Z

Link: CVE-2007-0018

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2007-01-24T21:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-0018

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses