Lucene search

[email protected]CVE-2007-6563

HistoryDec 28, 2007 - 12:46 a.m.

CVE-2007-6563

2007-12-2800:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-6563

winace

buffer overflow

remote code execution

uue archive

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.307 Low

EPSS

Percentile

97.0%

JSON

Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive.

Affected configurations

NVD

Node

winacewinaceRange≤2.65

CPENameOperatorVersion
winace:winacewinacele2.65

CPE	Name	Operator	Version
winace:winace	winace	le	2.65

References

jvn.jp/jp/JVN%2344736880/index.html

jvndb.jvn.jp/contents/ja/2007/JVNDB-2007-000822.html

osvdb.org/40267

secunia.com/advisories/28215

www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071225

www.securityfocus.com/bid/27017

www.vupen.com/english/advisories/2007/4312

exchange.xforce.ibmcloud.com/vulnerabilities/39268

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.307 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2007-6563

nvd1 prion1 cvelist1