Lucene search

MitreCVE-2007-4533

HistoryAug 25, 2007 - 12:17 a.m.

CVE-2007-4533

2007-08-2500:17:00

mitre

web.nvd.nist.gov

cve-2007-4533

format string vulnerability

vavoom 1.24

remote code execution

broadcastprintf function.

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.176

Percentile

96.2%

JSON

Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function.

Affected configurations

Nvd

Node

vavoomvavoomRange≤1.24

VendorProductVersionCPE
vavoomvavoom*cpe:2.3:a:vavoom:vavoom:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vavoom	vavoom	*	cpe:2.3:a:vavoom:vavoom::::::::

References

aluigi.altervista.org/adv/vaboom2-adv.txt

secunia.com/advisories/26554

secunia.com/advisories/26701

securityreason.com/securityalert/3057

www.securityfocus.com/bid/25436

bugzilla.redhat.com/show_bug.cgi?id=256621

exchange.xforce.ibmcloud.com/vulnerabilities/36247

www.redhat.com/archives/fedora-package-announce/2007-September/msg00094.html

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.176

Percentile

96.2%

JSON

Related for CVE-2007-4533