CVE-2007-3400 – NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write

https://notcve.org/view.php?id=CVE-2007-3400

The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method. El control ActiveX NCTAudioEditor2 en la biblioteca NCTWMAFile2.dll versión 2.6.2.157, distribuido en NCTAudioEditor y NCTAudioStudio versión 2.7, permite a atacantes remotos sobrescribir archivos arbitrarios por medio del método CreateFile. • https://www.exploit-db.com/exploits/4101 http://osvdb.org/37674 http://secunia.com/advisories/25825 http://www.securityfocus.com/bid/24613 http://www.vupen.com/english/advisories/2007/2351 https://exchange.xforce.ibmcloud.com/vulnerabilities/35018 • CWE-20: Improper Input Validation •