CVE-2007-0021

Опубликовано: 23 янв. 2007

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI.

Ссылки

http://docs.info.apple.com/article.html?artnum=305102
http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html
http://osvdb.org/32715
http://projects.info-pull.com/moab/MOAB-20-01-2007.html
Exploit
Vendor Advisory
http://secunia.com/advisories/24198
http://www.kb.cert.org/vuls/id/794752
US Government Resource
http://www.securityfocus.com/bid/22146
http://www.securitytracker.com/id?1017661
http://www.us-cert.gov/cas/techalerts/TA07-047A.html
US Government Resource
http://www.vupen.com/english/advisories/2007/0274
https://exchange.xforce.ibmcloud.com/vulnerabilities/31679
http://docs.info.apple.com/article.html?artnum=305102
http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html
http://osvdb.org/32715
http://projects.info-pull.com/moab/MOAB-20-01-2007.html
Exploit
Vendor Advisory
http://secunia.com/advisories/24198
http://www.kb.cert.org/vuls/id/794752
US Government Resource
http://www.securityfocus.com/bid/22146
http://www.securitytracker.com/id?1017661
http://www.us-cert.gov/cas/techalerts/TA07-047A.html
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apple:ichat:3.1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.42165

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4c3v-jr8f-g5h4

github

почти 4 года назад