Lucene search

[email protected]CVE-2007-4428

HistoryAug 20, 2007 - 7:17 p.m.

CVE-2007-4428

2007-08-2019:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

lhaz 1.33

remote code execution

cve-2007-4428

exploit-lhaz.a

nvd

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.09 Low

EPSS

Percentile

94.5%

JSON

Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip file, a different issue than CVE-2006-4116.

CPENameOperatorVersion
lhaz:lhazlhazeq1.33

CPE	Name	Operator	Version
lhaz:lhaz	lhaz	eq	1.33

References

osvdb.org/39629

secunia.com/advisories/26532

vil.mcafeesecurity.com/vil/content/v_142976.htm

www.avertlabs.com/research/blog/index.php/2007/08/17/targeted-zero-day-attack-against-free-tools-lhaz/

www.securityfocus.com/bid/25351

www.vupen.com/english/advisories/2007/2930

exchange.xforce.ibmcloud.com/vulnerabilities/36120

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.09 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2007-4428

prion1 cve1