Lucene search

[email protected]CVE-2007-1557

HistoryMar 21, 2007 - 1:19 a.m.

CVE-2007-1557

2007-03-2101:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1557

format string vulnerability

f-secure anti-virus

client security

denial of service

privilege escalation

6.8 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.9%

JSON

Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page.

CPENameOperatorVersion
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq6.02

CPE	Name	Operator	Version
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	6.02

References

osvdb.org/34764

securityreason.com/securityalert/2472

www.layereddefense.com/F-SecureMar18.html

www.securityfocus.com/archive/1/463190/100/0/threaded

www.securityfocus.com/bid/23023

www.vupen.com/english/advisories/2007/1055

6.8 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.9%

JSON

Related for CVE-2007-1557

prion1 cvelist1 securityvulns1