Lucene search

MitreCVE-2007-6130

HistoryNov 26, 2007 - 10:46 p.m.

CVE-2007-6130

2007-11-2622:46:00

CWE-287

mitre

web.nvd.nist.gov

cve-2007-6130

gnump3d

password protection

plugins

remote attackers

access restrictions

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.038

Percentile

92.0%

JSON

gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.

Affected configurations

Nvd

Node

gnugnump3dMatch2.9final

VendorProductVersionCPE
gnugnump3d2.9cpe:2.3:a:gnu:gnump3d:2.9:final:*:*:*:*:*:*

Vendor	Product	Version	CPE
gnu	gnump3d	2.9	cpe:2.3:a:gnu:gnump3d:2.9:final::::::

References

secunia.com/advisories/27848

secunia.com/advisories/27965

www.gnu.org/software/gnump3d/ChangeLog

www.novell.com/linux/security/advisories/2007_25_sr.html

www.securityfocus.com/bid/26618

www.vupen.com/english/advisories/2007/4039

bugs.gentoo.org/show_bug.cgi?id=193132

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.038

Percentile

92.0%

JSON

Related for CVE-2007-6130