4.3
CVE-2007-1938
- EPSS 1.45%
- Veröffentlicht 10.04.2007 23:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:36
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginIchitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting (XSS).
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.45% | 0.7 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
http://osvdb.org/34759
http://secunia.com/advisories/24780
http://vil.mcafeesecurity.com/vil/content/v_141950.htm
http://www.justsystem.co.jp/info/pd7002.html
http://www.securityfocus.com/bid/23386
http://www.securitytracker.com/id?1017887
http://www.vupen.com/english/advisories/2007/1287
https://exchange.xforce.ibmcloud.com/vulnerabilities/33507