Lucene search

MitreCVE-2007-1827

HistoryApr 03, 2007 - 12:19 a.m.

CVE-2007-1827

2007-04-0300:19:00

mitre

web.nvd.nist.gov

cve-2007-1827

webapp

input validation

data corruption

remote access

arbitrary code execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.026

Percentile

90.3%

JSON

Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute arbitrary code via “certain characters.”

Affected configurations

Nvd

Node

web-app.orgwebappMatch0.9.9

web-app.orgwebappMatch0.9.9.1

web-app.orgwebappMatch0.9.9.2

web-app.orgwebappMatch0.9.9.2.1

web-app.orgwebappMatch0.9.9.3

web-app.orgwebappMatch0.9.9.3.1

web-app.orgwebappMatch0.9.9.3.2

web-app.orgwebappMatch0.9.9.3.3

web-app.orgwebappMatch0.9.9.3.4

web-app.orgwebappMatch0.9.9.3.5

web-app.orgwebappMatch0.9.9.4

web-app.orgwebappMatch0.9.9.5

VendorProductVersionCPE
web-app.orgwebapp0.9.9cpe:2.3:a:web-app.org:webapp:0.9.9:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.1cpe:2.3:a:web-app.org:webapp:0.9.9.1:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.2cpe:2.3:a:web-app.org:webapp:0.9.9.2:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.2.1cpe:2.3:a:web-app.org:webapp:0.9.9.2.1:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.3cpe:2.3:a:web-app.org:webapp:0.9.9.3:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.3.1cpe:2.3:a:web-app.org:webapp:0.9.9.3.1:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.3.2cpe:2.3:a:web-app.org:webapp:0.9.9.3.2:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.3.3cpe:2.3:a:web-app.org:webapp:0.9.9.3.3:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.3.4cpe:2.3:a:web-app.org:webapp:0.9.9.3.4:*:*:*:*:*:*:*
web-app.orgwebapp0.9.9.3.5cpe:2.3:a:web-app.org:webapp:0.9.9.3.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
web-app.org	webapp	0.9.9	cpe:2.3:a:web-app.org:webapp:0.9.9:::::::*
web-app.org	webapp	0.9.9.1	cpe:2.3:a:web-app.org:webapp:0.9.9.1:::::::*
web-app.org	webapp	0.9.9.2	cpe:2.3:a:web-app.org:webapp:0.9.9.2:::::::*
web-app.org	webapp	0.9.9.2.1	cpe:2.3:a:web-app.org:webapp:0.9.9.2.1:::::::*
web-app.org	webapp	0.9.9.3	cpe:2.3:a:web-app.org:webapp:0.9.9.3:::::::*
web-app.org	webapp	0.9.9.3.1	cpe:2.3:a:web-app.org:webapp:0.9.9.3.1:::::::*
web-app.org	webapp	0.9.9.3.2	cpe:2.3:a:web-app.org:webapp:0.9.9.3.2:::::::*
web-app.org	webapp	0.9.9.3.3	cpe:2.3:a:web-app.org:webapp:0.9.9.3.3:::::::*
web-app.org	webapp	0.9.9.3.4	cpe:2.3:a:web-app.org:webapp:0.9.9.3.4:::::::*
web-app.org	webapp	0.9.9.3.5	cpe:2.3:a:web-app.org:webapp:0.9.9.3.5:::::::*

Rows per page:

1-10 of 121

References

osvdb.org/45396

secunia.com/advisories/24227

www.attrition.org/pipermail/vim/2007-March/001455.html

www.vupen.com/english/advisories/2007/0720

www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=252

www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=254

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.026

Percentile

90.3%

JSON

Related for CVE-2007-1827