Lucene search

K
cve[email protected]CVE-2007-3962
HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3962

2007-07-2517:30:00
CWE-119
web.nvd.nist.gov
19
cve-2007-3962
fsplib
stack-based buffer overflow
remote code execution
nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.168 Low

EPSS

Percentile

95.9%

Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_native function when MAXNAMLEN is greater than 255, or (2) a long d_name directory (dirent) field in the fsp_readdir function.

CPENameOperatorVersion
fsp:c_libraryfsp c libraryle0.8

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.168 Low

EPSS

Percentile

95.9%