Lucene search

[email protected]CVE-2007-2998

HistoryJun 04, 2007 - 5:30 p.m.

CVE-2007-2998

2007-06-0417:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2998

pascal run-time library

openvms

integrity servers

alpha

denial of service

system crash

nvd

7.2 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code.

CPENameOperatorVersion
hp:openvmshp openvmseq8.3

CPE	Name	Operator	Version
hp:openvms	hp openvms	eq	8.3

References

mail.openvms.org:8100/Lists/alerts/Message/503.html

mail.openvms.org:8100/Lists/alerts/Message/504.html

osvdb.org/36800

secunia.com/advisories/25486

www.securityfocus.com/bid/24252

www.vupen.com/english/advisories/2007/2001

exchange.xforce.ibmcloud.com/vulnerabilities/34635

7.2 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2007-2998

prion1 cvelist1