CVE DATABASE / CVE-2007-0163
CVE-2007-0163
CVSS 7.8 · HIGH
Summary
SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing the last 20 bytes of the JPEG image with alternate password information.
CVSS 2.0 breakdown
| Base score | 7.8 (HIGH) |
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | COMPLETE |
| Integrity | NONE |
| Availability | NONE |
Affected products
Securekit securekit steganography
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://homepage.mac.com/adonismac/Advisory/steg/steganography.html
- http://osvdb.org/31244
- http://secunia.com/advisories/23639
- http://www.securityfocus.com/archive/1/456283/100/0/threaded
- http://www.securityfocus.com/archive/1/456519/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31378
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.