CVEブラウザに戻る

CVE-2007-4916

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0260%

EPSS Percentile26.38th

Published2007年9月17日

Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.

Affected Platforms (CPE)

📦

Hp

Photo And Imaging Gallery

= 1.1

🔌

Hp

All In On Printer

All versions

References & Advisories

🔗 http://goodfellas.shellcode.com.ar/own/VULWAR200706041

🔗 http://goodfellas.shellcode.com.ar/own/VULWKU200706142

🔗 http://secunia.com/advisories/26800

🔗 http://securityreason.com/securityalert/3143

🔗 http://www.kb.cert.org/vuls/id/611008

🔗 http://www.securityfocus.com/archive/1/479442/100/0/threaded

🔗 http://www.securityfocus.com/archive/1/479443/100/0/threaded

🔗 http://www.securityfocus.com/bid/25673

関連する脆弱性情報

CVE-2006-16689.0

newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote au...

CVE-2021-244628.8

The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin...

CVE-2006-16677.5

SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g...

CVE-2021-243626.1

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files a...