Unrated severityNVD Advisory· Published Mar 21, 2007· Updated Apr 23, 2026

CVE-2007-0348

Description

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.

Affected products

Interactual Technologies/Interactual Player
cpe:2.3:a:interactual_technologies:interactual_player:2.60.12.0717:*:*:*:*:*:*:*
Intervideo/Windvd
cpe:2.3:a:intervideo:windvd:7.0.27.172:*:*:*:*:*:*:*
Roxio/Cineplayer
cpe:2.3:a:roxio:cineplayer:3.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/23032nvdVendor Advisory
secunia.com/advisories/23075nvdVendor Advisory
secunia.com/advisories/24556nvdVendor Advisory
secunia.com/secunia_research/2007-37/advisory/nvdVendor Advisory
www.vupen.com/english/advisories/2007/1042nvdVendor Advisory
www.vupen.com/english/advisories/2007/1043nvdVendor Advisory
www.kb.cert.org/vuls/id/922969nvdUS Government Resource
osvdb.org/34314nvd
osvdb.org/34315nvd
www.securityfocus.com/archive/1/463405/100/0/threadednvd
www.securityfocus.com/bid/23071nvd
exchange.xforce.ibmcloud.com/vulnerabilities/33186nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.058
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000