CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4983

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile20.84th
PublishedSep 19, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.

Affected Platforms (CPE)

πŸ“¦
Cowon America

Jetaudio

= 7.0.3.3016
πŸ“¦
Cowon America

Jetaudio

= 7.0.3_basic

References & Advisories

πŸ”— http://osvdb.org/37737
πŸ”— http://secunia.com/advisories/26787
πŸ”— http://www.securityfocus.com/bid/25723
πŸ”— http://www.securitytracker.com/id?1018716
πŸ”— http://www.vupen.com/english/advisories/2007/3196
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/36693
πŸ”— https://www.exploit-db.com/exploits/4427
πŸ”— http://osvdb.org/37737

Related Vulnerabilities

CVE-2008-07479.3

Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary...

CVE-2009-46689.3

Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary ...

CVE-2007-54879.3

Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code ...

CVE-2009-46769.3

Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary ...