CVE-2007-0602
Published 2007-01-30
Priority: P4 · 24 · medium · CVSS 2.0: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 0.88% (54.5th percentile)
Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trend_micro | viruswall | — | — |
No detection rules found.
Bugzilla
CVE-2007-3847 [MEDIUM] httpd: out of bounds read
bugzilla · 2007-08-03 · CVSS 5.0
A buffer "over-read" flaw was found in Apache httpd used for caching. This
allows a malicious origin server to possibly cause a process crash on a caching
forward proxy, which is a DoS for a threaded MPM on httpd 2.0+
On httpd 1.3 this would cause a client crash but this is not considered a
security issue as httpd would continue to run and spawn new children as required.
http://marc.info/?l=apache-httpd-dev&m=118595556504202&w=2
Discussion:
This issue has been addressed in following products:
Red Hat Certificate System 7.3
Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html
Bugzilla
CVE-2007-1349 [MEDIUM] mod_perl PerlRun denial of service
bugzilla · 2007-05-17 · CVSS 5.0
Description of problem:
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl
2.x, does not properly escape PATH_INFO before use in a regular expression,
which allows remote attackers to cause a denial of service (resource
consumption) via a crafted URI.
Discussion:
This issue has been addressed in following products:
Red Hat Certificate System 7.3
Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034124&id=EN-1034124
http://osvdb.org/33043
http://securityreason.com/securityalert/2204
http://securitytracker.com/id?1017562
http://www.devtarget.org/tmvwall381v3_exp.c
http://www.devtarget.org/trendmicro-advisory-01-2007.txt
http://www.securityfocus.com/archive/1/458111/100/0/threaded
http://www.vupen.com/english/advisories/2007/0367