NVD

Id
57876  
Name
CVE-2007-5825  
Description
Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-11-05  
Modified Date
2008-09-10  
Seq
2007-5825  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
296213 57876 CVE-2007-5825 http://bugs.gentoo.org/show_bug.cgi?id=200110  View
296214 57876 CVE-2007-5825 http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679  View
296215 57876 CVE-2007-5825 DSA-1597  View
296216 57876 CVE-2007-5825 GLSA-200712-18  View
296217 57876 CVE-2007-5825 20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability  View
296218 57876 CVE-2007-5825 20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability  View
296219 57876 CVE-2007-5825 26310  View
296220 57876 CVE-2007-5825 firefly-addarg-format-string(38243)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
54179 JVNDB-2007-002871 Firefly Media Server の mt-dappd の webserver.c の ws_addarg 関数におけるフォーマットストリングの脆弱性 Firefly Media Server の mt-dappd の webserver.c の ws_addarg 関数には、フォーマットストリングの脆弱性が存在します。 CVE-2007-5825 29180 CVE-2007-5825 57876 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002871.html 2007-11-05 2012-06-26 View