CVE-2007-3678
NONE EPSS 92.0%
Published Jul 11, 200718y ago · Modified Jun 16, 20262w ago
Published Jul 11, 2007 18y ago
Last Modified Jun 16, 2026 2w ago
Description
Stack-based buffer overflow in the MSWord text-import extension (Word 6-2000 Filter.xnt) in QuarkXPress 7.2 for Windows, when using the Rectangle Text Box tool for importing text, allows user-assisted remote attackers to execute arbitrary code via a long font name.
Threat Intelligence
EPSS Exploit Probability
92.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| quark | quarkxpress | 7.2 | any |
References 7
- osvdb.org http://osvdb.org/37890
- secunia.com http://secunia.com/advisories/25994
- vuln.sg http://vuln.sg/quarkxpress72-en.html
- securityfocus.com http://www.securityfocus.com/bid/24872
- securitytracker.com http://www.securitytracker.com/id?1018385
- vupen.com http://www.vupen.com/english/advisories/2007/2504
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/35369
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.