Overflow に分類される脆弱性に紐づく CVE を、公開年で絞り込みます。一覧は新しい公開が上に来る並びで、CVSS / EPSS のリスク指標でもさらに絞り込めます。
直近の脆弱性公開や傾向を押さえ、セキュリティチームが高リスクな事象や悪用の可能性を素早く把握するためのビューです。
2007 年に公開され、Overflow に分類される CVE を表示しています。 CVE の一覧へ
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2007-6609 | Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in CoolPlayer 217 and earlier allow user-assisted remote attackers to execute arbitrary code via a long (1) cTag or (2) cValue field in an OGG Vorbis file. | 5.0 | 10.82% | 2007-12-31 | 2026-04-23 |
| CVE-2007-6605 | Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the Start method. | 5.8 | 7.70% | 2007-12-31 | 2026-04-23 |
| CVE-2007-6593 | Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909. | 8.8 | 17.17% | 2007-12-28 | 2026-04-23 |
| CVE-2007-6563 | Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive. | 10.0 | 23.72% | 2007-12-28 | 2026-04-23 |
| CVE-2007-6562 | Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows in the (1) SocketAddress::Connect function in libsolve/sockprot.cpp and (2) monitor_bridge function in src/bridge.cpp. | 5.0 | 1.40% | 2007-12-28 | 2026-04-23 |
| CVE-2007-6561 | Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors. | 5.7 | 3.84% | 2007-12-28 | 2026-04-23 |
| CVE-2007-6537 | Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archive, such as a (1) gz, (2) adz, (3) roz, or (4) hdz archive in a compressed floppy disk image. | 6.8 | 20.53% | 2007-12-27 | 2026-04-23 |
| CVE-2007-6535 | Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar might allow attackers to execute arbitrary code via a long string to the IsTaggedBM method. | 6.8 | 1.30% | 2007-12-27 | 2026-04-23 |
| CVE-2007-6533 | Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message. | 7.5 | 17.58% | 2007-12-27 | 2026-04-23 |
| CVE-2007-6530 | Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function. | 9.3 | 65.75% | 2007-12-27 | 2026-04-23 |
| CVE-2007-4474 | Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. | 9.3 | 87.30% | 2007-12-27 | 2026-04-23 |
| CVE-2007-6516 | Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 allows remote attackers to execute arbitrary code via a long FileName property. | 6.8 | 4.74% | 2007-12-21 | 2026-04-23 |
| CVE-2007-6510 | Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and (3) QuadraComposer rippers; and (4) have an unknown impact via a crafted file to the SkytPacker ripper. | 6.8 | 13.42% | 2007-12-21 | 2026-04-23 |
| CVE-2007-6341 | Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response. | 5.0 | 18.96% | 2007-12-20 | 2026-04-23 |
| CVE-2007-6478 | Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a .M3U file. NOTE: some of these details are obtained from third party information. | 6.8 | 25.79% | 2007-12-20 | 2026-04-23 |
| CVE-2007-6473 | Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command. | 5.8 | 4.10% | 2007-12-20 | 2026-04-23 |
| CVE-2007-6353 | Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | 7.5 | 2.34% | 2007-12-20 | 2026-04-23 |
| CVE-2007-6336 | Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file. | 6.8 | 9.88% | 2007-12-20 | 2026-04-23 |
| CVE-2007-6245 | Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks. | 5.8 | 21.81% | 2007-12-20 | 2026-04-23 |
| CVE-2007-6468 | Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted huffman encoded packet. NOTE: some of these details are obtained from third party information. | 9.3 | 4.98% | 2007-12-20 | 2026-04-23 |