[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-2683Date: (C)2007-05-15   (M)2023-12-22


Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.5
Exploit Score: 1.5
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1018066
2007-0024
BID-24192
SECUNIA-25408
SECUNIA-25515
SECUNIA-25529
SECUNIA-25546
SECUNIA-26415
OSVDB-34973
MDKSA-2007:113
RHSA-2007:0386
http://dev.mutt.org/trac/ticket/2885
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890
https://issues.rpath.com/browse/RPL-1391
mutt-gecos-bo(34441)
oval:org.mitre.oval:def:10543

© SecPod Technologies