Lucene search

CanonicalCVE-2007-1464

HistoryMar 21, 2007 - 7:19 p.m.

CVE-2007-1464

2007-03-2119:19:00

canonical

web.nvd.nist.gov

cve-2007-1464

whiteboard jabber protocol

format string vulnerability

inkscape 0.45.1

remote code execution

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.112

Percentile

95.2%

JSON

Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

inkscapeinkscapeRange≤0.45

VendorProductVersionCPE
inkscapeinkscape*cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
inkscape	inkscape	*	cpe:2.3:a:inkscape:inkscape::::::::

References

secunia.com/advisories/24615

secunia.com/advisories/24661

secunia.com/advisories/24859

secunia.com/advisories/25072

sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106

www.gentoo.org/security/en/glsa/glsa-200704-10.xml

www.novell.com/linux/security/advisories/2007_8_sr.html

www.securityfocus.com/archive/1/463710/100/0/threaded

www.securityfocus.com/bid/23138

www.vupen.com/english/advisories/2007/1059

exchange.xforce.ibmcloud.com/vulnerabilities/33164

issues.rpath.com/browse/RPL-1170

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.112

Percentile

95.2%

JSON

Related for CVE-2007-1464