The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method.Referenceshttp://osvdb.org/37674http://www.securityfocus.com/bid/24613https://www.exploit-db.com/exploits/4101https://exchange.xforce.ibmcloud.com/vulnerabilities/35018http://secunia.com/advisories/25825http://www.vupen.com/english/advisories/2007/2351
