Lucene search

[email protected]CVE-2007-2975

HistoryJun 01, 2007 - 1:30 a.m.

CVE-2007-2975

2007-06-0101:30:00

CWE-264

[email protected]

web.nvd.nist.gov

ignite realtime

openfire

cve-2007-2975

admin console

remote code execution

web.xml

dwr

downloader

security vulnerability

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

The admin console in Ignite Realtime Openfire 3.3.0 and earlier (formerly Wildfire) does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the downloader.

CPENameOperatorVersion
ignite_realtime:openfireignite realtime openfireeq3.2.0
ignite_realtime:openfireignite realtime openfireeq3.0.1
ignite_realtime:openfireignite realtime openfireeq2.6.1
ignite_realtime:openfireignite realtime openfireeq3.2.2
ignite_realtime:openfireignite realtime openfireeq3.2.3
ignite_realtime:openfireignite realtime openfireeq3.1.0
ignite_realtime:openfireignite realtime openfireeq3.2.1
ignite_realtime:openfireignite realtime openfireeq3.2.4
ignite_realtime:openfireignite realtime openfireeq2.6.0
ignite_realtime:openfireignite realtime openfirele3.3.0

CPE	Name	Operator	Version
ignite_realtime:openfire	ignite realtime openfire	eq	3.2.0
ignite_realtime:openfire	ignite realtime openfire	eq	3.0.1
ignite_realtime:openfire	ignite realtime openfire	eq	2.6.1
ignite_realtime:openfire	ignite realtime openfire	eq	3.2.2
ignite_realtime:openfire	ignite realtime openfire	eq	3.2.3
ignite_realtime:openfire	ignite realtime openfire	eq	3.1.0
ignite_realtime:openfire	ignite realtime openfire	eq	3.2.1
ignite_realtime:openfire	ignite realtime openfire	eq	3.2.4
ignite_realtime:openfire	ignite realtime openfire	eq	2.6.0
ignite_realtime:openfire	ignite realtime openfire	le	3.3.0

Rows per page:

1-10 of 131

References

blogs.reucon.com/srt/2007/05/11/openfire_3_3_1_fixes_critical_security_issue.html

secunia.com/advisories/25427

www.igniterealtime.org/issues/browse/JM-1049

www.osvdb.org/36713

www.securityfocus.com/bid/24205

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2007-2975

nessus1 prion1