Lucene search

[email protected]CVE-2007-1614

HistoryMar 23, 2007 - 12:19 a.m.

CVE-2007-1614

2007-03-2300:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1614

buffer overflow

zziplib

remote attackers

denial of service

arbitrary code execution

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.062 Low

EPSS

Percentile

93.4%

JSON

Stack-based buffer overflow in the zzip_open_shared_io function in zzip/file.c in ZZIPlib Library before 0.13.49 allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename.

CPENameOperatorVersion
zziplib:zziplibzziplible0.13.45

CPE	Name	Operator	Version
zziplib:zziplib	zziplib	le	0.13.45

References

osvdb.org/33838

secunia.com/advisories/24586

secunia.com/advisories/24708

security.gentoo.org/glsa/glsa-200704-05.xml

sourceforge.net/project/shownotes.php?group_id=6389&release_id=494587

www.mandriva.com/security/advisories?name=MDKSA-2007:093

www.securityfocus.com/bid/23013

www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187

www.vupen.com/english/advisories/2007/0998

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.062 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2007-1614

securityvulns1 nessus1 ubuntucve1 openvas1 debiancve1 prion1 gentoo1