CVE-2007-4550

Опубликовано: 28 авг. 2007

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.

Ссылки

http://secunia.com/advisories/26616
Third Party Advisory
http://vuln.sg/alpass27-en.html
Exploit
Third Party Advisory
http://www.securityfocus.com/bid/25435
Patch
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/36256
Third Party Advisory
VDB Entry
http://secunia.com/advisories/26616
Third Party Advisory
http://vuln.sg/alpass27-en.html
Exploit
Third Party Advisory
http://www.securityfocus.com/bid/25435
Patch
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/36256
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:altools:alpass:2.7:*:*:en:*:*:*:*

cpe:2.3:a:altools:alpass:3.02:*:*:ko:*:*:*:*

EPSS

Процентиль: 89%

0.04345

Низкий

5.1 Medium

CVSS2

Дефекты

CWE-134

Связанные уязвимости

GHSA-qpg7-hxpw-2pcj

github

почти 4 года назад