Lucene search

[email protected]CVE-2007-1037

HistoryFeb 21, 2007 - 5:28 p.m.

CVE-2007-1037

2007-02-2117:28:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-1037

stack-based buffer overflow

news file grabber

remote code execution

.nzb file

information security

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.242 Low

EPSS

Percentile

96.6%

JSON

Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier allows remote attackers to execute arbitrary code via a .nzb file with a long subject field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

rsbr-softwarenews_file_grabberRange≤4.1.0.1

CPENameOperatorVersion
rsbr-software:news_file_grabberrsbr-software news file grabberle4.1.0.1

CPE	Name	Operator	Version
rsbr-software:news_file_grabber	rsbr-software news file grabber	le	4.1.0.1

References

osvdb.org/33252

secunia.com/advisories/24237

www.securityfocus.com/bid/22617

www.vupen.com/english/advisories/2007/0662

exchange.xforce.ibmcloud.com/vulnerabilities/32577

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.242 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2007-1037

cvelist1 prion1 nvd1 securityvulns1