Lucene search

[email protected]CVE-2007-6103

HistoryNov 23, 2007 - 8:46 p.m.

CVE-2007-6103

2007-11-2320:46:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-6103

ihu

remote code execution

denial of service

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.107 Low

EPSS

Percentile

95.1%

JSON

I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp.

Affected configurations

NVD

Node

ihui_hear_uRange≤0.5.6

CPENameOperatorVersion
ihu:i_hear_uihu i hear ule0.5.6

CPE	Name	Operator	Version
ihu:i_hear_u	ihu i hear u	le	0.5.6

References

aluigi.altervista.org/adv/ihudos-adv.txt

osvdb.org/42395

osvdb.org/42396

secunia.com/advisories/27754

sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788

www.securityfocus.com/bid/26516

exchange.xforce.ibmcloud.com/vulnerabilities/38568

exchange.xforce.ibmcloud.com/vulnerabilities/38569

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.107 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2007-6103

prion1 ubuntucve1 cvelist1 nvd1