Lucene search

[email protected]CVE-2007-0180

HistoryJan 11, 2007 - 12:28 a.m.

CVE-2007-0180

2007-01-1100:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0180

ef commander

buffer overflow

iso file

security vulnerability

8.1 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.6%

JSON

Stack-based buffer overflow in EF Commander 5.75 allows user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories, which produces a large filename that triggers the overflow.

CPENameOperatorVersion
ef_software:ef_commanderef software ef commandereq5.75

CPE	Name	Operator	Version
ef_software:ef_commander	ef software ef commander	eq	5.75

References

osvdb.org/32660

secunia.com/advisories/23659

vuln.sg/efcommander575-en.html

www.securityfocus.com/bid/21969

exchange.xforce.ibmcloud.com/vulnerabilities/31365

8.1 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.6%

JSON

Related for CVE-2007-0180

prion1 kaspersky1