CVE-2007-4580

Published: Aug 28, 2007Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large buffer.

Affected (1)

Products: Bufferzonesecurity: Bufferzone

Bufferzonesecurity

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Bufferzonesecurity Bufferzone	From 2.1 to 2.5

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (10)

http://osvdb.org/39154

Source: cve@mitre.org

Broken Link

http://secunia.com/advisories/26608

Source: cve@mitre.org

Broken LinkVendor Advisory

http://securityreason.com/securityalert/3071

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/archive/1/477726/100/0/threaded

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/36278

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://osvdb.org/39154

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://secunia.com/advisories/26608

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkVendor Advisory

http://securityreason.com/securityalert/3071

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/archive/1/477726/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/36278

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.