mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
409 lines
14 KiB
JSON
409 lines
14 KiB
JSON
{
|
|
"id": "CVE-2007-5007",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-12-12T22:10:00.000",
|
|
"lastModified": "2024-11-21T00:36:55.717",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n ir_fetch_seq de balsa anterior a 2.3.20 pod\u00eda permitir a servidores IMAP remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una respuesta larga para un comando FETCH."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 6.8,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:1.1.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "950C09DA-EAEA-4DE7-8A5E-ED9E82C653F5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:1.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B1BCE579-53AC-4B05-9E33-ACDA345D5B6A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C0E134F-93E3-4754-98A5-E6917853C99B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:1.4.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3D0FCECC-E287-486D-A8C1-CA952F4FBC67"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EAE6454-3B98-4AC8-8C03-4943F168AEF8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.0.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "91C14FE8-1596-4C1C-924D-D296EDB8FB9F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.0.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7225E52A-13A9-4283-8B00-D22C47358871"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.0.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C7927268-514A-45C8-9A03-CF33426B2875"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.0.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AFC7FF7A-856E-42BC-9129-A1B28F508EAB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "871512E9-340D-4BC3-A2C0-5D160E6F4004"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "596A3E04-CB96-4DFE-AE7C-B506DD3C54D8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "209D1628-7C99-4722-8038-B835BDE57B5D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B8E8B391-160B-49E0-8505-AA0E625A792C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.1.90:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EB30197C-3991-469D-83E9-9EBE17BFA59F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.1.91:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C5BCD53C-61D5-49E2-8854-F8F8021DAA85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FA6D9C1F-A67A-4E1F-B6BE-9F98F9998DDD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6B88D420-12D1-4196-9B6C-3A6BD4F4371C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4FDDFC9F-A654-4644-9E8C-6F5902BFC51B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EAFC41E5-6000-44B8-A7AC-426185E8FAB9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38D0233D-CCFC-47C0-B4D6-5F5F91A6260A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FBA69D3A-E357-4B2A-9E9C-2CADA91E45A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.2.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9506DE3C-AD8D-4128-AA5A-1B72465B73AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1A9132B-91DC-404D-A3CA-69457DB75A71"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "943CFC36-8856-4D8B-A7E5-DF1458769EBA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "46DE94C8-F5D4-4D8C-AF9C-0290F24575AE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8B6C96C8-34EE-4C10-BB16-A093CB626FFC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B8C116A3-1F8B-4F6B-8056-0685C9DAF9CF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1134D391-A0CF-41AD-B871-423F1929BA58"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50F69A80-C311-4840-AF70-ABDDB2D006EB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "79156072-C833-4C7A-A07A-71DDC5BDCB4B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2BA4632D-4729-42A3-8778-C02F50D95C27"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0F968DAE-A85A-483E-918F-45DA7CD5C0E4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6730AE89-6168-47FA-8C3C-8A54A8CF0790"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "61899224-39E2-485A-BD02-D0F596D0C3B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A3C98B1-04E7-4FB9-BBCA-A0CAC5C85453"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "850D4CD2-1F1F-43B7-8DD0-00985F059637"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9A426AAD-E53A-4BCF-ADA2-A25215F36EA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6A81A463-B9DF-4626-BA1F-0386D77A3BC9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BDDA6B44-CB69-47FA-AC29-1A5D7BA14080"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gnome:balsa:2.3.19:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "401E38DB-D54C-49B0-93B6-2DDE6FA93F6E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193179",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://bugzilla.gnome.org/show_bug.cgi?id=474366",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/40585",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/26947",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/26987",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/27272",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/25777",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/3263",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=297581",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193179",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://bugzilla.gnome.org/show_bug.cgi?id=474366",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/40585",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/26947",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/26987",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/27272",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/25777",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/3263",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=297581",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
],
|
|
"vendorComments": [
|
|
{
|
|
"organization": "Red Hat",
|
|
"comment": "Not vulnerable. This issue did not affect version of balsa as shipped with Red Hat Enterprise Linux 2.1.",
|
|
"lastModified": "2008-01-09T00:00:00"
|
|
}
|
|
]
|
|
} |