admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-43xx/CVE-2007-4396.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

141 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-4396",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-08-18T21:17:00.000",
"lastModified": "2024-11-21T00:35:29.580",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi before 0.8.11 allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n de retorno de carro y salto de l\u00ednea (CRLF) en las secuencias de comandos (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, y (7) xmmsinfo.pl 1.1.1.1 para irssi anterior a 0.8.11 permite a atacantes remotos con la complicidad del usuario ejecutar comandos de IRC de su elecci\u00f3n mediante secuencias CRLF en el nombre de la canci\u00f3n de un fichero .mp3."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:irssi:irssi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.8.9",
"matchCriteriaId": "B45AFDA2-CB1F-48D4-89FA-F33945C0E1D7"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/39568",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/26483",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/3036",
"source": "cve@mitre.org"
},
{
"url": "http://wouter.coekaerts.be/site/security/nowplaying",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/476283/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/25281",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35985",
"source": "cve@mitre.org"
},
{
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://osvdb.org/39568",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/26483",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securityreason.com/securityalert/3036",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://wouter.coekaerts.be/site/security/nowplaying",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/476283/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/25281",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35985",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink