Lucene search

MitreCVE-2007-2998

HistoryJun 04, 2007 - 5:30 p.m.

CVE-2007-2998

2007-06-0417:30:00

mitre

web.nvd.nist.gov

cve-2007-2998

pascal run-time library

openvms

integrity servers

alpha

denial of service

system crash

nvd

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code.

Affected configurations

Nvd

Node

hpopenvmsMatch8.3

hpopenvmsMatch8.3integrity_servers

VendorProductVersionCPE
hpopenvms8.3cpe:2.3:o:hp:openvms:8.3:*:*:*:*:*:*:*
hpopenvms8.3cpe:2.3:o:hp:openvms:8.3:*:integrity_servers:*:*:*:*:*

Vendor	Product	Version	CPE
hp	openvms	8.3	cpe:2.3:o:hp:openvms:8.3:::::::*
hp	openvms	8.3	cpe:2.3:o:hp:openvms:8.3::integrity_servers:::::

References

mail.openvms.org:8100/Lists/alerts/Message/503.html

mail.openvms.org:8100/Lists/alerts/Message/504.html

osvdb.org/36800

secunia.com/advisories/25486

www.securityfocus.com/bid/24252

www.vupen.com/english/advisories/2007/2001

exchange.xforce.ibmcloud.com/vulnerabilities/34635

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-2998