5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.3 High
AI Score
Confidence
High
0.024 Low
EPSS
Percentile
90.0%
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
exchange.xforce.ibmcloud.com/vulnerabilities/25196
github.com/advisories/GHSA-f9fr-w54q-772h
github.com/apache/logging-log4net/commit/ea3faab25fe5f1d4dbda9f5da8dcfa6fc3d9e1b8
nvd.nist.gov/vuln/detail/CVE-2006-0743
web.archive.org/web/20070114054835/www.novell.com/linux/security/advisories/2006_26_sr.html
web.archive.org/web/20140304060609/https://issues.apache.org/jira/browse/LOG4NET-67
web.archive.org/web/20200229022118/www.securityfocus.com/bid/17095