CVE-2007-4732

EPSS 0.06%
Published 06.09.2007 19:17:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

Affected products Warnungen 0 Metrics 2 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

Sun ≫ Solaris Version8.0 Editionsparc

Sun ≫ Solaris Version8.0 Editionx86

Sun ≫ Solaris Version9.0 Editionsparc

Sun ≫ Solaris Version9.0 Editionx86

Sun ≫ Solaris Version10.0 Editionsparc

Sun ≫ Solaris Version10.0 Editionx86

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.151

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://osvdb.org/37323

http://secunia.com/advisories/26528

Patch

Vendor Advisory

http://secunia.com/advisories/26731

http://securitytracker.com/id?1018643

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103009-1

Patch

http://support.avaya.com/elmodocs2/security/ASA-2007-374.htm

http://www.securityfocus.com/bid/25510

http://www.vupen.com/english/advisories/2007/3031