CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4148

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile6.55th
PublishedAug 3, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service (persistent daemon crashes) or execute arbitrary code via a long filename in a "LOG." command.

Affected Platforms (CPE)

πŸ“¦
Visionsoft

Audit

= 12.4.0.0

References & Advisories

πŸ”— http://osvdb.org/46977
πŸ”— http://www.portcullis.co.uk/uplds/advisories/vaheapoverflow%20-%2006_040.txt
πŸ”— http://www.securityfocus.com/bid/25153
πŸ”— http://osvdb.org/46977
πŸ”— http://www.portcullis.co.uk/uplds/advisories/vaheapoverflow%20-%2006_040.txt
πŸ”— http://www.securityfocus.com/bid/25153

Related Vulnerabilities

CVE-1999-057910.0

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.

CVE-2007-414910.0

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." com...

CVE-1999-057710.0

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.

CVE-2010-444910.0

Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote attackers to affect confidenti...