CVE-2007-4732 — Improper Input Validation in Solaris

CWE-20 — Improper Input Validation3 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 81.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris

Timeline

PublishedSep 6

Latest updateMay 1

Description

Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDsun/solaris10.0, 8.0, 9.0+2

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-322g-vx47-pfp6: Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a de↗2022-05-01

▶

CVEList

CVE-2007-4732: Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a de↗2007-09-06

▶