CVE-2007-1437

Опубликовано: 13 мар. 2007

Источник: nvd

CVSS2: 9

EPSS Низкий

Описание

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution.

Ссылки

http://secunia.com/advisories/24363
Vendor Advisory
http://secunia.com/advisories/24366
Vendor Advisory
http://securityreason.com/securityalert/2435
http://www.securityfocus.com/archive/1/461944/100/100/threaded
http://secunia.com/advisories/24363
Vendor Advisory
http://secunia.com/advisories/24366
Vendor Advisory
http://securityreason.com/securityalert/2435
http://www.securityfocus.com/archive/1/461944/100/100/threaded

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ledgersmb:ledgersmb:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ledgersmb:ledgersmb:1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ledgersmb:ledgersmb:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:sql-ledger:sql-ledger:*:*:*:*:*:*:*:*

Версия до 2.6.24 (включая)

EPSS

Процентиль: 73%

0.00787

Низкий

9 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2007-1437

ubuntu

больше 18 лет назад

CVE-2007-1437

debian

больше 18 лет назад

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger bef ...

GHSA-9349-mw6p-6hqh

github

больше 3 лет назад

EPSS

Процентиль: 73%

0.00787

Низкий

9 Critical

CVSS2

Дефекты

NVD-CWE-Other