Lucene search

[email protected]NVD:CVE-2007-6355

HistoryDec 18, 2007 - 8:46 p.m.

CVE-2007-6355

2007-12-1820:46:00

CWE-189

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

Integer overflow in exiftags before 1.01 has unknown impact and attack vectors, resulting from a “field offset overflow” that triggers an “illegal memory access,” a different vulnerability than CVE-2007-6354.

Affected configurations

NVD

Node

aertherwideexiftagsRange≤1.00

aertherwideexiftagsMatch0.80

aertherwideexiftagsMatch0.90

aertherwideexiftagsMatch0.91

aertherwideexiftagsMatch0.92

aertherwideexiftagsMatch0.93

aertherwideexiftagsMatch0.94

aertherwideexiftagsMatch0.95

aertherwideexiftagsMatch0.96

aertherwideexiftagsMatch0.97

aertherwideexiftagsMatch0.98

aertherwideexiftagsMatch0.99

References

bugs.gentoo.org/show_bug.cgi?id=202354

johnst.org/sw/exiftags/CHANGES

secunia.com/advisories/28110

secunia.com/advisories/28268

secunia.com/advisories/29580

security.gentoo.org/glsa/glsa-200712-17.xml

www.debian.org/security/2008/dsa-1533

www.securityfocus.com/bid/26892

www.vupen.com/english/advisories/2007/4251

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for NVD:CVE-2007-6355

ubuntucve2 prion2 nvd1 cve2 debiancve2 cvelist2 openvas6 osv2 debian2 gentoo1 nessus2 securityvulns1