CVE-2007-0344

Опубликовано: 18 янв. 2007

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit.

Ссылки

http://projects.info-pull.com/moab/MOAB-16-01-2007.html
Exploit
http://secunia.com/advisories/23801
Patch
Vendor Advisory
http://www.osvdb.org/32688
http://www.securityfocus.com/bid/22086
Exploit
Patch
http://www.vupen.com/english/advisories/2007/0238
Vendor Advisory
https://www.exploit-db.com/exploits/3139
http://projects.info-pull.com/moab/MOAB-16-01-2007.html
Exploit
http://secunia.com/advisories/23801
Patch
Vendor Advisory
http://www.osvdb.org/32688
http://www.securityfocus.com/bid/22086
Exploit
Patch
http://www.vupen.com/english/advisories/2007/0238
Vendor Advisory
https://www.exploit-db.com/exploits/3139

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:colloquy:colloquy:*:*:*:*:*:*:*:*

Версия до 2.1 (включая)

EPSS

Процентиль: 96%

0.24208

Средний

7.5 High

CVSS2

Дефекты

CWE-134

Связанные уязвимости

CVE-2007-0344

debian

почти 19 лет назад

Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) ...

GHSA-hjvg-mwxc-784g

github

больше 3 лет назад