7.5

CVE-2007-0803

Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to (1) "print floats" and (2) a missing null termination in the "rope constructor."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Stlport ProjectStlport Version < 5.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.81% 0.922
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

http://osvdb.org/33106
Broken Link
http://osvdb.org/33107
Broken Link
http://secunia.com/advisories/24024
Vendor Advisory
Not Applicable
http://secunia.com/advisories/24428
Not Applicable
http://security.gentoo.org/glsa/glsa-200703-07.xml
Third Party Advisory
http://sourceforge.net/project/shownotes.php?release_id=483468
Not Applicable
http://www.securityfocus.com/bid/22423
Patch
Third Party Advisory
Vendor Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/0498
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/32242
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32244
Third Party Advisory
VDB Entry