CVE-2007-3314

Altap Salamander 2.5 PE Viewer Buffer Overflow

Title source: metasploit

Description

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/16656

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by aushack · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/altap_salamander_pdb.rb

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/25732

[Exploit] http://vuln.sg/salamander25-en.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34938

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24557

[Third Party Advisory, VDB Entry] http://osvdb.org/37579

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/2268

Scores

EPSS 0.7660

EPSS Percentile 99.0%

Details

Status published

Products (4)

altap/portable_executable_viewer 2.02

altap/portable_executable_viewer 1.00

altap/servant_salamander 2.5

altap/servant_salamander 2.0

Published Jun 21, 2007

Tracked Since Feb 18, 2026