Lucene search

PRIOn knowledge basePRION:CVE-2007-0160

HistoryJan 10, 2007 - 12:28 a.m.

Stack overflow

2007-01-1000:28:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.1%

JSON

Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by adding the victim as a friend and using long (1) username and (2) real name strings.

CPENameOperatorVersion
centericqeq4.9.11
centericqeq4.9.12
centericqeq4.13
centericqeq4.20
centericqeq4.21
centericqeq4.14
centericqeq4.12

Name	Operator	Version
centericq	eq	4.9.11
centericq	eq	4.9.12
centericq	eq	4.13
centericq	eq	4.20
centericq	eq	4.21
centericq	eq	4.14
centericq	eq	4.12

References

osvdb.org/33408

securityreason.com/securityalert/2129

securitytracker.com/id?1017545

www.gentoo.org/security/en/glsa/glsa-200701-20.xml

www.securityfocus.com/archive/1/456255/100/0/threaded

www.securityfocus.com/bid/21932

www.vupen.com/english/advisories/2007/0306

exchange.xforce.ibmcloud.com/vulnerabilities/31330

8.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.1%

JSON

Related for PRION:CVE-2007-0160