CVSS: 6.5EPSS: 18%CPEs: 2EXPL: 2CVE-2007-4463 – Total Commander FileInfo 2.09 Plugin - Multiple PE File Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-4463
21 Aug 2007 — The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to cause a denial of service (unhandled exception) via an invalid RVA address function pointer in (1) an IMAGE_THUNK_DATA structure, involving the (a) OriginalFirstThunk and (b) FirstThunk IMAGE_IMPORT_DESCRIPTOR fields, or (2) the AddressOfNames IMAGE_EXPORT_DIRECTORY field in a PE file. La extensión Fileinfo 2.0.9 para Total Commander permite a atacantes remotos con la intervención del usuario provocar una denegación de se... • https://www.exploit-db.com/exploits/30512 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4464
https://notcve.org/view.php?id=CVE-2007-4464
21 Aug 2007 — CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGE_EXPORT_DIRECTORY array in a PE file, which could complicate forensics investigations. Una vulnerabilidad de inyección CRLF en el plugin Fileinfo versión 2.0.9 para Total Commander, permite a atacantes remotos asistidos por el usuario falsificar la información de la pestaña del encabezado Image Fi... • http://blog.hispasec.com/lab/230 • CWE-94: Improper Control of Generation of Code ('Code Injection') •