Approved changes feed: RSS · Atom
cpe:2.3:a:afflib:afflib:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Afflib (a29b4585-a509-5d5d-915a-7c3c89321685) |
|---|---|
| Product | Afflib (d8a5d716-5b7a-5612-9403-609029908ef2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2007-2352 |
vulnerable | 2026-06-08 04:49:44.696620 |
Details available
Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/imager.cpp, and (f) tools/afxml.cpp. NOTE: this identifier is intended to address the vectors that were not fixed in CVE-2007-2054, but the unfixed vectors were not explicitly listed.
Published: 2007-04-30T22:00:00.000Z
Updated: 2024-08-07T13:33:28.640Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2055 |
vulnerable | 2026-06-08 04:49:44.090078 |
Details available
AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.
Published: 2007-04-30T22:00:00.000Z
Updated: 2024-08-07T13:23:50.058Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2054 |
vulnerable | 2026-06-08 04:49:44.089647 |
Details available
Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/aimage.cpp, (f) aimage/imager.cpp, and (g) tools/afxml.cpp. NOTE: the aimage.cpp vector (e) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB.
Published: 2007-04-30T22:00:00.000Z
Updated: 2024-08-07T13:23:49.643Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2053 |
vulnerable | 2026-06-08 04:49:44.089138 |
Details available
Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (c) aimage file path. NOTE: the aimage vector (3c) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB.
Published: 2007-04-30T22:00:00.000Z
Updated: 2024-08-07T13:23:50.423Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.