Lucene search

K
cvelistMitreCVELIST:CVE-2007-5939
HistoryDec 06, 2007 - 3:00 p.m.

CVE-2007-5939

2007-12-0615:00:00
mitre
www.cve.org
3

AI Score

6.5

Confidence

Low

EPSS

0.021

Percentile

89.4%

The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect.

AI Score

6.5

Confidence

Low

EPSS

0.021

Percentile

89.4%