cbcvebase.
CVE-2007-2027
published 2007-04-13

CVE-2007-2027: Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to…

PriorityP412medium4.4CVSS 2.0
AVLACMAuNCPIPAP
EXPLOIT
EPSS
0.84%
53.3th percentile
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianelinks< elinks 0.11.1-1.4 (bookworm)elinks 0.11.1-1.4 (bookworm)
elinkselinks
elinkselinks>= 0 < 0.11.1-1.40.11.1-1.4
elinkselinks>= 0 < 0.11.1-1.40.11.1-1.4
elinkselinks>= 0 < 0.11.1-1.40.11.1-1.4
elinkselinks>= 0 < 0.11.1-1.40.11.1-1.4

CVSS provenance

nvdv2.04.4MEDIUMAV:L/AC:M/Au:N/C:P/I:P/A:P
osv4.4MEDIUM
vendor_debian4.4LOW
vendor_redhat4.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.