10
CVE-2007-6109
- EPSS 3.07%
- Veröffentlicht 07.12.2007 11:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.07% | 0.861 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://www.vupen.com/english/advisories/2008/0924/references
http://secunia.com/advisories/29420
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
http://secunia.com/advisories/28838
http://secunia.com/advisories/27965
http://www.novell.com/linux/security/advisories/2007_25_sr.html
http://secunia.com/advisories/27984
http://security.gentoo.org/glsa/glsa-200712-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:034
http://bugs.gentoo.org/show_bug.cgi?id=200297
http://secunia.com/advisories/30109
https://exchange.xforce.ibmcloud.com/vulnerabilities/38904
https://usn.ubuntu.com/607-1/