CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-3695

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile33.15th
Published2007年7月11日
Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhaps the issue does not cross privilege boundaries and should not be included in CVE.

Affected Platforms (CPE)

📦
Broadcom

Erwin Process Modeler

= 7.1

References & Advisories

🔗 http://osvdb.org/39597
🔗 http://www.eleytt.com/advisories/eleytt_ALLFUSIONLICRCMD.pdf
🔗 http://www.securityfocus.com/bid/24817
🔗 http://osvdb.org/39597
🔗 http://www.eleytt.com/advisories/eleytt_ALLFUSIONLICRCMD.pdf
🔗 http://www.securityfocus.com/bid/24817

相關漏洞威脅

CVE-2007-54354.3

Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.2 might allow user-assisted remote at...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...