CVE-2007-4549

Name of the Vulnerable Software and Affected Versions ALPass versions 2.7 through 3.02

Description The issue is related to multiple buffer overflows that can be triggered by user-assisted remote attacks. This can occur when an ALPass DB (APW) file contains either a long file-key or a "Site Information and Folder entry" with a ciphertext length value significantly larger than the plaintext length value, allowing attackers to execute arbitrary code.

Recommendations For ALPass versions 2.7 through 3.02, consider avoiding the use of ALPass DB (APW) files that may trigger the buffer overflow until a fix is available. As a temporary workaround, restrict the handling of files with potentially malicious content to minimize the risk of exploitation.