Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.
Max CVSS
5.1
EPSS Score
1.03%
Published
2007-08-28
Updated
2017-11-16
Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than the plaintext_length value.
Max CVSS
6.8
EPSS Score
3.08%
Published
2007-08-28
Updated
2017-11-21
2 vulnerabilities found