Lucene search

K
cve[email protected]CVE-2007-0344
HistoryJan 18, 2007 - 2:28 a.m.

CVE-2007-0344

2007-01-1802:28:00
CWE-134
web.nvd.nist.gov
39
cve-2007-0344
format string vulnerabilities
colloquy 2.1
denial of service
execute arbitrary code
nvd

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.908 High

EPSS

Percentile

98.8%

Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit.

CPENameOperatorVersion
colloquy:colloquycolloquyle2.1

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.908 High

EPSS

Percentile

98.8%