Current Description

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare; and (30) Oracle Siebel SimBuilder and CRM 7.x.

Basic Data

PublishedJanuary 24, 2007
Last ModifiedOctober 16, 2018
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-119
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score9.3
Exploitability Score8.6
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.


  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationAltdoConvert Mp3 Master1.1*******
    2.3ApplicationAltdoMp3 Record And Edit Audio Master1.2*******
    2.3ApplicationAmericansharewareMp3 Wav Converter3.1.8*******
    2.3ApplicationAudio Edit MagicAudio Edit Magic9.2.3_389*******
    2.3ApplicationCdburnerxpCdburnerxp Pro3.0.116*******
    2.3ApplicationCheetahburnerCheetah Cd Burner3.56*******
    2.3ApplicationCheetahburnerCheetah Dvd Burner1.79*******
    2.3ApplicationCode-it SoftareAbasic Editor10.1*******
    2.3ApplicationCode-it SoftareWave Mp3 Editor10.1*******
    2.3ApplicationDandans Digital Media ProductsEasy Audio Editor7.4*******
    2.3ApplicationDandans Digital Media ProductsFull Audio Converter4.2*******
    2.3ApplicationDandans Digital Media ProductsMusic Editing Master5.2*******
    2.3ApplicationDandans Digital Media ProductsVisual Video Converter4.4*******
    2.3ApplicationDigital BorneoAudio Mixer And Editor1.1.0*******
    2.3ApplicationEasy Ringtone MakerEasy Ringtone Maker2.0.5*******
    2.3ApplicationExpstudioAudio Editor4.0.2*******
    2.3ApplicationIaudiosoft.comAbsolute Mp3 Splitter2.5.4*******
    2.3ApplicationIaudiosoft.comAbsolute Sound Recorder3.4.5*******
    2.3ApplicationIaudiosoft.comAbsolute Video To Audio Converter2.7.9*******
    2.3ApplicationJ Hepple ProductsFx Audio Concat1.2.0_beta*******
    2.3ApplicationJ Hepple ProductsFx Audio Editor4.7.11*******
    2.3ApplicationJ Hepple ProductsFx Audio Tools7.3.4*******
    2.3ApplicationJ Hepple ProductsFx Magic Music5.7.7*******
    2.3ApplicationJ Hepple ProductsFx Movie Joiner6.2.8*******
    2.3ApplicationJ Hepple ProductsFx Movie Joiner And Splitter6.2.8*******
    2.3ApplicationJ Hepple ProductsFx Movie Splitter6.4.7*******
    2.3ApplicationJ Hepple ProductsFx New Sound5.1.1*******
    2.3ApplicationJ Hepple ProductsFx Video Converter7.51.21*******
    2.3ApplicationJoshua MediasoftAudio Convertor Plus2.2*******
    2.3ApplicationJoshua MediasoftVideo Converter Plus3.01*******
    2.3ApplicationMagicvideosoftareMagic Audio Converter8.2.6_build_719*******
    2.3ApplicationMagicvideosoftareMagic Audio Recorder5.3.7*******
    2.3ApplicationMagicvideosoftareMagic Music Editor5.2.2*******
    2.3ApplicationMcfunsoftAudio Editor6.3.3_build_489*******
    2.3ApplicationMcfunsoftAudio Recorder For Free6.1*******
    2.3ApplicationMcfunsoftAudio Studio6.6.3_build_479*******
    2.3ApplicationMcfunsoftIpod Audio Studio6.2.4*******
    2.3ApplicationMcfunsoftIpod Music Converter5.1*******
    2.3ApplicationMcfunsoftRecording To Ipod Solution5.1*******
    2.3ApplicationMediatoxAurora Media Workshop3.3.25*******
    2.3ApplicationMovaviDvd To Ipod1.0*******
    2.3ApplicationMp3-softMp3 Normalizer1.03*******
    2.3ApplicationMystik Media ProductsAudioedit Deluxe4.10*******
    2.3ApplicationMystik Media ProductsBlaze Media Pro7.0*******
    2.3ApplicationMystik Media ProductsBlaze Mediaconvert3.4*******
    2.3ApplicationMystik Media ProductsContextconvert Pro3.1*******
    2.3ApplicationNctsoft ProductsNctaudioeditor2.7.1*******
    2.3ApplicationNctsoft ProductsNctaudiofile2********
    2.3ApplicationNctsoft ProductsNctaudiostudio2.7.1*******
    2.3ApplicationNctsoft ProductsNctdialogicvoice2.7.1*******
    2.3ApplicationNextlevel SystemsAudio Editor Gold9.2.5_build_424*******
    2.3ApplicationNextlevel SystemsAudio Studio Gold7.0.1.1_build_500*******
    2.3ApplicationQuikscribeQuikscribe Player5.022.05*******
    2.3ApplicationQuikscribeQuikscribe Recorder5.021.29*******
    2.3ApplicationRmbsoftSoundedit Pro2.1*******
    2.3ApplicationRoemer SoftwareEasy Hi-q Converter1.7*******
    2.3ApplicationRoemer SoftwareEasy Hi-q Recorder2.0*******
    2.3ApplicationRoemer SoftwareFree Hi-q Recorder1.9*******
    2.3ApplicationSienzoDigital Music Mentor2.6.0.3*******
    2.3ApplicationSmart Media SystemsPower Audio Editor11.0.1*******
    2.3ApplicationSoftdiv SoftareDexster3.0*******
    2.3ApplicationSoftdiv SoftareIvideomax3.9*******
    2.3ApplicationSoftdiv SoftareMp3 To Wav Converter3.0*******
    2.3ApplicationSoftdiv SoftareSnosh1.4*******
    2.3ApplicationSoftdiv SoftareVideozilla2.5*******
    2.3ApplicationVirtual CdVirtual Cd6.0.0.7*******
    2.3ApplicationVirtual CdVirtual Cd7.1.0.2*******
    2.3ApplicationVirtual CdVirtual Cd8.0.0.6*******
    2.3ApplicationVirtual CdVirtual Cd File Server7.1.0.3*******
    2.3ApplicationXrlly SoftwareArial Audio Converter2.3.40*******
    2.3ApplicationXrlly SoftwareArial Sound Recorder1.4.3*******
    2.3ApplicationXrlly SoftwareText To Speech Maker1.3.8*******
    2.3ApplicationXwaver.comMagic Audio Editor Pro10.3.1_build_476*******
    2.3ApplicationXwaver.comMagic Music Studio Pro7.0.2.1_build_500*******

Vulnerable Software List

Altdo Convert Mp3 Master 1.1
Altdo Mp3 Record And Edit Audio Master 1.2
Americanshareware Mp3 Wav Converter 3.1.8
Audio Edit Magic Audio Edit Magic 9.2.3_389
Bearshare Bearshare
Cdburnerxp Cdburnerxp Pro 3.0.116
Cheetahburner Cheetah Cd Burner 3.56
Cheetahburner Cheetah Dvd Burner 1.79
Code-it Softare Abasic Editor 10.1
Code-it Softare Wave Mp3 Editor 10.1
Dandans Digital Media Products Full Audio Converter 4.2
Dandans Digital Media Products Music Editing Master 5.2
Dandans Digital Media Products Visual Video Converter 4.4
Dandans Digital Media Products Easy Audio Editor 7.4
Digital Borneo Audio Mixer And Editor 1.1.0
Easy Ringtone Maker Easy Ringtone Maker 2.0.5
Expstudio Audio Editor 4.0.2 Absolute Mp3 Splitter 2.5.4 Absolute Sound Recorder 3.4.5 Absolute Video To Audio Converter 2.7.9
J Hepple Products Fx New Sound 5.1.1
J Hepple Products Fx Video Converter 7.51.21
J Hepple Products Fx Audio Concat 1.2.0_beta
J Hepple Products Fx Audio Editor 4.7.11
J Hepple Products Fx Audio Tools 7.3.4
J Hepple Products Fx Magic Music 5.7.7
J Hepple Products Fx Movie Joiner 6.2.8
J Hepple Products Fx Movie Joiner And Splitter 6.2.8
J Hepple Products Fx Movie Splitter 6.4.7
Joshua Mediasoft Audio Convertor Plus 2.2
Joshua Mediasoft Video Converter Plus 3.01
Magicvideosoftare Magic Audio Converter 8.2.6_build_719
Magicvideosoftare Magic Audio Recorder 5.3.7
Magicvideosoftare Magic Music Editor 5.2.2
Mcfunsoft Audio Editor 6.3.3_build_489
Mcfunsoft Audio Recorder For Free 6.1
Mcfunsoft Audio Studio 6.6.3_build_479
Mcfunsoft Ipod Audio Studio 6.2.4
Mcfunsoft Ipod Music Converter 5.1
Mcfunsoft Recording To Ipod Solution 5.1
Mediatox Aurora Media Workshop 3.3.25
Movavi Splitmovie 1.4
Movavi Suite 3.5
Movavi Videomessage 1.0
Movavi Chiliburner 2.3
Movavi Convertmovie 4.4
Movavi Dvd To Ipod 1.0
Mp3-soft Mp3 Normalizer 1.03
Mystik Media Products Audioedit Deluxe 4.10
Mystik Media Products Blaze Media Pro 7.0
Mystik Media Products Blaze Mediaconvert 3.4
Mystik Media Products Contextconvert Pro 3.1
Nctsoft Products Nctaudioeditor 2.7.1
Nctsoft Products Nctaudiofile2 *
Nctsoft Products Nctaudiostudio 2.7.1
Nctsoft Products Nctdialogicvoice 2.7.1
Nextlevel Systems Audio Editor Gold 9.2.5_build_424
Nextlevel Systems Audio Studio Gold
Quikscribe Quikscribe Player 5.022.05
Quikscribe Quikscribe Recorder 5.021.29
Recordnrip Recordnrip 1.0
Rmbsoft Audioconvert
Rmbsoft Soundedit Pro 2.1
Roemer Software Easy Hi-q Converter 1.7
Roemer Software Easy Hi-q Recorder 2.0
Roemer Software Free Hi-q Recorder 1.9
Sienzo Digital Music Mentor
Smart Media Systems Power Audio Editor 11.0.1
Softdiv Softare Dexster 3.0
Softdiv Softare Ivideomax 3.9
Softdiv Softare Mp3 To Wav Converter 3.0
Softdiv Softare Snosh 1.4
Softdiv Softare Videozilla 2.5
Virtual Cd Virtual Cd,,
Virtual Cd Virtual Cd File Server
Xrlly Software Arial Sound Recorder 1.4.3
Xrlly Software Text To Speech Maker 1.3.8
Xrlly Software Arial Audio Converter 2.3.40 Magic Audio Editor Pro 10.3.1_build_476 Magic Music Studio Pro Imesh


23475 Advisory
23485 Advisory
23493 Advisory
23495 Advisory
23511 Advisory
23516 Advisory
23530 Advisory
23532 Advisory
23534 Advisory
23543 Advisory
23551 Advisory
23552 Advisory
23553 Advisory
23557 Advisory
23568 Advisory
30459 Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory Advisory
VU#292713 Government Resource
20070124 Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX ControlBuffer Overflow
20070124 Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2ActiveX Control Buffer Overflow
20070124 Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveXControl Buffer Overflow