Vulnerability-Lookup

CVE-2007-5497 (GCVE-0-2007-5497)

Vulnerability from cvelistv5 – Published: 2007-12-07 11:00 – Updated: 2024-08-07 15:31

Summary

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

37 references

URL	Tags
http://secunia.com/advisories/27965	third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1019537	vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/26772	vdb-entryx_refsource_BID
http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
http://secunia.com/advisories/28541	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28000	third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://itrc.hp.com/service/cki/docDisplay.do?docI…	vendor-advisoryx_refsource_HP
http://www.redhat.com/support/errata/RHSA-2008-00…	vendor-advisoryx_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/4135	vdb-entryx_refsource_VUPEN
http://itrc.hp.com/service/cki/docDisplay.do?docI…	vendor-advisoryx_refsource_HP
http://www.securityfocus.com/archive/1/487999/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/28042	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/489082/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/29224	third-party-advisoryx_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/40551	third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1422	vendor-advisoryx_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/27987	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28030	third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0761	vdb-entryx_refsource_VUPEN
http://support.citrix.com/article/CTX118766	x_refsource_CONFIRM
http://secunia.com/advisories/27889	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28648	third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1796	vdb-entryx_refsource_VUPEN
http://www.ubuntu.com/usn/usn-555-1	vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/28360	third-party-advisoryx_refsource_SECUNIA
http://sourceforge.net/project/shownotes.php?rele…	x_refsource_CONFIRM
http://secunia.com/advisories/32774	third-party-advisoryx_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-2011	x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2007-0262	x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA

Date Public ?

2007-12-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.672Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27965",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27965"
          },
          {
            "name": "1019537",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019537"
          },
          {
            "name": "26772",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26772"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
          },
          {
            "name": "28541",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28541"
          },
          {
            "name": "28000",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28000"
          },
          {
            "name": "e2fsprogs-libext2fs-integer-overflow(38903)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
          },
          {
            "name": "oval:org.mitre.oval:def:10399",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
          },
          {
            "name": "SSRT100018",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
          },
          {
            "name": "RHSA-2008:0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
          },
          {
            "name": "ADV-2007-4135",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4135"
          },
          {
            "name": "HPSBMA02554",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
          },
          {
            "name": "20080212 FLEA-2008-0005-1 e2fsprogs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
          },
          {
            "name": "28042",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28042"
          },
          {
            "name": "20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
          },
          {
            "name": "29224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29224"
          },
          {
            "name": "FEDORA-2007-4461",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
          },
          {
            "name": "40551",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40551"
          },
          {
            "name": "DSA-1422",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1422"
          },
          {
            "name": "SUSE-SR:2007:025",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
          },
          {
            "name": "27987",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27987"
          },
          {
            "name": "28030",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28030"
          },
          {
            "name": "ADV-2008-0761",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0761"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX118766"
          },
          {
            "name": "27889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27889"
          },
          {
            "name": "28648",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28648"
          },
          {
            "name": "ADV-2010-1796",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1796"
          },
          {
            "name": "USN-555-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-555-1"
          },
          {
            "name": "28360",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28360"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
          },
          {
            "name": "32774",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32774"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2011"
          },
          {
            "name": "FEDORA-2007-4447",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
          },
          {
            "name": "[Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
          },
          {
            "name": "MDKSA-2007:242",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "27965",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27965"
        },
        {
          "name": "1019537",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019537"
        },
        {
          "name": "26772",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26772"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
        },
        {
          "name": "28541",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28541"
        },
        {
          "name": "28000",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28000"
        },
        {
          "name": "e2fsprogs-libext2fs-integer-overflow(38903)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
        },
        {
          "name": "oval:org.mitre.oval:def:10399",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
        },
        {
          "name": "SSRT100018",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
        },
        {
          "name": "RHSA-2008:0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
        },
        {
          "name": "ADV-2007-4135",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4135"
        },
        {
          "name": "HPSBMA02554",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
        },
        {
          "name": "20080212 FLEA-2008-0005-1 e2fsprogs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
        },
        {
          "name": "28042",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28042"
        },
        {
          "name": "20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
        },
        {
          "name": "29224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29224"
        },
        {
          "name": "FEDORA-2007-4461",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
        },
        {
          "name": "40551",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40551"
        },
        {
          "name": "DSA-1422",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1422"
        },
        {
          "name": "SUSE-SR:2007:025",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
        },
        {
          "name": "27987",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27987"
        },
        {
          "name": "28030",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28030"
        },
        {
          "name": "ADV-2008-0761",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0761"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX118766"
        },
        {
          "name": "27889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27889"
        },
        {
          "name": "28648",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28648"
        },
        {
          "name": "ADV-2010-1796",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1796"
        },
        {
          "name": "USN-555-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-555-1"
        },
        {
          "name": "28360",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28360"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
        },
        {
          "name": "32774",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32774"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2011"
        },
        {
          "name": "FEDORA-2007-4447",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
        },
        {
          "name": "[Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
        },
        {
          "name": "MDKSA-2007:242",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-5497",
    "datePublished": "2007-12-07T11:00:00.000Z",
    "dateReserved": "2007-10-17T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:31:58.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2007-5497",
      "date": "2026-05-21",
      "epss": "0.02986",
      "percentile": "0.867"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.40.2\", \"matchCriteriaId\": \"5AC81AB4-8B6F-4465-B0F9-BC7B1F72D6AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEE1E909-EA45-4E69-B743-82436045EC12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2B7983A-68C2-4626-8DE5-E8FA15B11CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86B9567E-A1F0-45AD-9572-DDC1B809FA02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAC3FE84-4183-4727-AFE0-9A48223E50DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AB0B87D-6288-4D16-BFFA-4420D137F0B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6199DAD0-FCEB-4917-B0D1-BB823A3EE434\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02A625EB-0C5E-4654-9A21-2F8A4ABD2C70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C2FD6C1-8CE1-4C22-9952-5D400A8A6283\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D99BC504-67A4-4494-BFEB-2D49944C045A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78FFADA7-DD53-47CB-8AC5-DC46CDFEFE53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D6366A0-ED37-4850-95CB-BB9F9793549C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE810EB3-685F-419C-B2E0-EBCB2E29D44E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CA532D0-6B23-41B6-8ECD-4F6F8046EF62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB357247-9885-49AD-B7A4-AF4523D3AE96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28D7F610-5EAD-46A2-BD42-FE4CF22650EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83D1C237-0AE4-4E75-B10A-464DE4BA32DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FDAEECA-5C63-4D6F-AA41-934235D15465\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CB8E29C-8038-41EF-82FB-27E249F0D946\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB85C46E-AE17-4EC9-811F-872F9B018679\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C46F88A-DF22-45D3-8CE8-A0C3EDE7C4A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73A41A5C-5D90-4A13-ADBB-971B0872667C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EEC84D7-456D-436F-B807-35434FC69A9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D615C9B-04B9-480A-8C19-681B720F09B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58897ED4-3494-41C6-9EB3-88074D211023\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F75FC1B-E440-4975-8FA4-088B9DA4376D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85E46684-0BB0-49D1-A028-440BD815B0A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12F16B8E-49C0-4536-97A8-F284CF9BB61D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37893C89-282F-4376-917E-5DD31F2D832D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8BD30BE-2E5C-4835-8DEF-FC59EF8A83C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C36FCB50-2EAD-4ED7-AD5D-5FD197B8965B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F30FAD6-F7AB-4734-BC13-F4DBF7983260\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BAB51F0-A94E-4126-B50E-0F99D743D7AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"510DB0AF-A11E-4C2A-BD94-7D788EC156A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CDCB34E-D2A2-4AC8-828A-CAB77B68F2FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A33EEDE8-9348-425C-AD88-AE10426B3DBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B137B2E-001A-4BFA-BDB2-7378CC903E62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E857EA7F-6E7D-4619-9330-867C2A5381FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14C3B4FD-1144-442F-9304-2676FEFAB583\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91F06131-5D63-4DF4-8D70-67892F327846\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18FCB21D-8D93-4F19-BCFC-3861C5A8DB5F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples desbordamientos enteros en libext2fs en e2fsprogs versiones anteriores a 1.40.3, permiten a los atacantes remotos asistidos por el usuario ejecutar c\\u00f3digo arbitrario por medio de una imagen del sistema de archivos especialmente dise\\u00f1ada.\"}]",
      "id": "CVE-2007-5497",
      "lastModified": "2024-11-21T00:38:02.387",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2007-12-07T11:46:00.000",
      "references": "[{\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.vmware.com/pipermail/security-announce/2008/000007.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/27889\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27965\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27987\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28000\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28030\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28042\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28360\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28541\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28648\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29224\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32774\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/40551\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://support.citrix.com/article/CTX118766\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2007-0262\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2007/dsa-1422\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:242\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2007_25_sr.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0003.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/487999/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/489082/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/26772\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securitytracker.com/id?1019537\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-555-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0004.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4135\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0761\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1796\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/38903\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2011\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.vmware.com/pipermail/security-announce/2008/000007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27889\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27965\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27987\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28000\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28030\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28042\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28360\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28541\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28648\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29224\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32774\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/40551\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.citrix.com/article/CTX118766\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2007-0262\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2007/dsa-1422\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:242\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2007_25_sr.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/487999/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/489082/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26772\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1019537\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-555-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4135\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0761\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1796\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/38903\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2011\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5497\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2007-12-07T11:46:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos enteros en libext2fs en e2fsprogs versiones anteriores a 1.40.3, permiten a los atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de una imagen del sistema de archivos especialmente dise\u00f1ada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.40.2\",\"matchCriteriaId\":\"5AC81AB4-8B6F-4465-B0F9-BC7B1F72D6AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEE1E909-EA45-4E69-B743-82436045EC12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2B7983A-68C2-4626-8DE5-E8FA15B11CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B9567E-A1F0-45AD-9572-DDC1B809FA02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAC3FE84-4183-4727-AFE0-9A48223E50DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AB0B87D-6288-4D16-BFFA-4420D137F0B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6199DAD0-FCEB-4917-B0D1-BB823A3EE434\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02A625EB-0C5E-4654-9A21-2F8A4ABD2C70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C2FD6C1-8CE1-4C22-9952-5D400A8A6283\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99BC504-67A4-4494-BFEB-2D49944C045A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78FFADA7-DD53-47CB-8AC5-DC46CDFEFE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D6366A0-ED37-4850-95CB-BB9F9793549C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE810EB3-685F-419C-B2E0-EBCB2E29D44E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CA532D0-6B23-41B6-8ECD-4F6F8046EF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB357247-9885-49AD-B7A4-AF4523D3AE96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D7F610-5EAD-46A2-BD42-FE4CF22650EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83D1C237-0AE4-4E75-B10A-464DE4BA32DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FDAEECA-5C63-4D6F-AA41-934235D15465\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB8E29C-8038-41EF-82FB-27E249F0D946\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB85C46E-AE17-4EC9-811F-872F9B018679\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C46F88A-DF22-45D3-8CE8-A0C3EDE7C4A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73A41A5C-5D90-4A13-ADBB-971B0872667C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EEC84D7-456D-436F-B807-35434FC69A9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D615C9B-04B9-480A-8C19-681B720F09B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58897ED4-3494-41C6-9EB3-88074D211023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F75FC1B-E440-4975-8FA4-088B9DA4376D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E46684-0BB0-49D1-A028-440BD815B0A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F16B8E-49C0-4536-97A8-F284CF9BB61D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37893C89-282F-4376-917E-5DD31F2D832D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8BD30BE-2E5C-4835-8DEF-FC59EF8A83C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C36FCB50-2EAD-4ED7-AD5D-5FD197B8965B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F30FAD6-F7AB-4734-BC13-F4DBF7983260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BAB51F0-A94E-4126-B50E-0F99D743D7AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"510DB0AF-A11E-4C2A-BD94-7D788EC156A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDCB34E-D2A2-4AC8-828A-CAB77B68F2FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A33EEDE8-9348-425C-AD88-AE10426B3DBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B137B2E-001A-4BFA-BDB2-7378CC903E62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E857EA7F-6E7D-4619-9330-867C2A5381FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14C3B4FD-1144-442F-9304-2676FEFAB583\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91F06131-5D63-4DF4-8D70-67892F327846\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18FCB21D-8D93-4F19-BCFC-3861C5A8DB5F\"}]}]}],\"references\":[{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2008/000007.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/27889\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27965\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27987\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28000\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28030\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28042\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28360\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28541\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28648\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29224\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32774\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/40551\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.citrix.com/article/CTX118766\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2007-0262\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1422\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:242\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_25_sr.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487999/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/489082/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/26772\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1019537\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/usn-555-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0004.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4135\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0761\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1796\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38903\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2011\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2008/000007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27889\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27965\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28030\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28042\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28360\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29224\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40551\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.citrix.com/article/CTX118766\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2007-0262\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1422\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2007_25_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487999/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/489082/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26772\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-555-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4135\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0761\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38903\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2008-AVI-116

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans VMware ESX Server permet à un utilisateur de provoquer un déni de service ou potentiellement d'exécuter du code arbitraire.

Description

VMware ESX Server est un serveur de machines virtuelles. Celui-ci s'appuie sur un certain nombre de logiciels libres pour mettre en œuvre certaines de ses fonctionnalités. En particulier, il embarque le logiciel e2fsprogs permettant la manipulation de systèmes de fichiers ext2. Or, la version de e2fsprogs utilisée par ESX Server comporte plusieurs failles permettant à un utilisateur de provoquer un déni de service ou d'exécuter du code arbitraire via un fichier contenant un système de fichiers ext2 construit de façon particulière.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

VMware ESX Server 2.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2008-0004	None	vendor-advisory
Site de VMware :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eVMware ESX Server 2.x.\u003c/p\u003e",
  "content": "## Description\n\nVMware ESX Server est un serveur de machines virtuelles. Celui-ci\ns\u0027appuie sur un certain nombre de logiciels libres pour mettre en \u0153uvre\ncertaines de ses fonctionnalit\u00e9s. En particulier, il embarque le\nlogiciel e2fsprogs permettant la manipulation de syst\u00e8mes de fichiers\next2. Or, la version de e2fsprogs utilis\u00e9e par ESX Server comporte\nplusieurs failles permettant \u00e0 un utilisateur de provoquer un d\u00e9ni de\nservice ou d\u0027ex\u00e9cuter du code arbitraire via un fichier contenant un\nsyst\u00e8me de fichiers ext2 construit de fa\u00e7on particuli\u00e8re.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    }
  ],
  "links": [
    {
      "title": "Site de VMware :",
      "url": "http://www.vmware.com"
    }
  ],
  "reference": "CERTA-2008-AVI-116",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-03-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans VMware ESX Server permet \u00e0 un utilisateur de\nprovoquer un d\u00e9ni de service ou potentiellement d\u0027ex\u00e9cuter du code\narbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de VMware ESX Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2008-0004",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    }
  ]
}

CERTA-2008-AVI-563

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectent Citrix XenServer et permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités dans libext2fs de e2fsprogs implémenté dans Citrix XenServer permettent à un utilisateur malveillant, via une image d'un système de fichiers ext spécialement conçue, d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Citrix XenServer 4.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX118766 du 17 novembre 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eCitrix XenServer 4.x.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans libext2fs de e2fsprogs impl\u00e9ment\u00e9 dans\nCitrix XenServer permettent \u00e0 un utilisateur malveillant, via une image\nd\u0027un syst\u00e8me de fichiers ext sp\u00e9cialement con\u00e7ue, d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    }
  ],
  "links": [],
  "reference": "CERTA-2008-AVI-563",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-11-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent Citrix XenServer et permettent \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX118766 du 17 novembre 2008",
      "url": "http://support.citrix.com/article/CTX118766"
    }
  ]
}

CERTA-2010-AVI-317

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités dans des produits HP Insight ont été corrigées, dont certaines permettant l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités dans des produits HP Insight ont été corrigées. Elles sont de natures différentes pouvant aller jusqu'à l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	HP Insight Manager 4.x, 5.X et 6.x ;
N/A	N/A	HP Insight Orchestration 6.x ;
N/A	N/A	HP Insight Control Suite For Linux(ICE-Linux) 2.x et 6.x.
N/A	N/A	HP Insight Software Integrated Installer 6.x ;
N/A	N/A	HP Virtual Connect Enterprise Manager 6.x ;
N/A	N/A	HP Insight Control 6.x ;

References

Title

Publication Time

Tags

Bulletins de sécurité HP Insight	None	vendor-advisory
Bulletin de sécurité HP HPSBMA02550 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02551 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02554 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02548 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02549 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02547 du 13 juillet 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Insight Manager 4.x, 5.X et 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Orchestration 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Control Suite For Linux(ICE-Linux) 2.x et 6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Software Integrated Installer 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Virtual Connect Enterprise Manager 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Control 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans des produits HP Insight ont \u00e9t\u00e9 corrig\u00e9es.\nElles sont de natures diff\u00e9rentes pouvant aller jusqu\u0027\u00e0 l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3793"
    },
    {
      "name": "CVE-2010-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2167"
    },
    {
      "name": "CVE-2010-2173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2173"
    },
    {
      "name": "CVE-2010-1129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1129"
    },
    {
      "name": "CVE-2010-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2163"
    },
    {
      "name": "CVE-2009-1524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1524"
    },
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2170"
    },
    {
      "name": "CVE-2008-5110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5110"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
    },
    {
      "name": "CVE-2010-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2176"
    },
    {
      "name": "CVE-2009-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0692"
    },
    {
      "name": "CVE-2010-1967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1967"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2010-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2162"
    },
    {
      "name": "CVE-2010-1968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1968"
    },
    {
      "name": "CVE-2010-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2172"
    },
    {
      "name": "CVE-2010-2181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2181"
    },
    {
      "name": "CVE-2010-1969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1969"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2160"
    },
    {
      "name": "CVE-2010-0839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2010-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2179"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2010-2165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2165"
    },
    {
      "name": "CVE-2010-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2171"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-2182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2182"
    },
    {
      "name": "CVE-2010-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1971"
    },
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2010-2175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2175"
    },
    {
      "name": "CVE-2010-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2180"
    },
    {
      "name": "CVE-2010-1970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1970"
    },
    {
      "name": "CVE-2008-4546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4546"
    },
    {
      "name": "CVE-2010-1297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1297"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2187"
    },
    {
      "name": "CVE-2010-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2164"
    },
    {
      "name": "CVE-2010-1965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1965"
    },
    {
      "name": "CVE-2010-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2161"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2178"
    },
    {
      "name": "CVE-2010-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2177"
    },
    {
      "name": "CVE-2010-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2166"
    },
    {
      "name": "CVE-2010-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2184"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-2189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2189"
    },
    {
      "name": "CVE-2010-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2174"
    },
    {
      "name": "CVE-2010-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2169"
    },
    {
      "name": "CVE-2010-2188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2188"
    },
    {
      "name": "CVE-2010-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2185"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2007-2452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2452"
    },
    {
      "name": "CVE-2010-2186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2186"
    },
    {
      "name": "CVE-2009-1523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1523"
    },
    {
      "name": "CVE-2010-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2183"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    },
    {
      "name": "CVE-2010-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    },
    {
      "name": "CVE-2010-1966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1966"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02550 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02550"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02551 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02551"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02554 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02554"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02548 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02548"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02549 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02549"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02547 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02547"
    }
  ],
  "reference": "CERTA-2010-AVI-317",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-07-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s dans des produits HP Insight ont \u00e9t\u00e9\ncorrig\u00e9es, dont certaines permettant l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Insight",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP Insight",
      "url": null
    }
  ]
}

CERTA-2008-AVI-116

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans VMware ESX Server permet à un utilisateur de provoquer un déni de service ou potentiellement d'exécuter du code arbitraire.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

VMware ESX Server 2.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2008-0004	None	vendor-advisory
Site de VMware :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eVMware ESX Server 2.x.\u003c/p\u003e",
  "content": "## Description\n\nVMware ESX Server est un serveur de machines virtuelles. Celui-ci\ns\u0027appuie sur un certain nombre de logiciels libres pour mettre en \u0153uvre\ncertaines de ses fonctionnalit\u00e9s. En particulier, il embarque le\nlogiciel e2fsprogs permettant la manipulation de syst\u00e8mes de fichiers\next2. Or, la version de e2fsprogs utilis\u00e9e par ESX Server comporte\nplusieurs failles permettant \u00e0 un utilisateur de provoquer un d\u00e9ni de\nservice ou d\u0027ex\u00e9cuter du code arbitraire via un fichier contenant un\nsyst\u00e8me de fichiers ext2 construit de fa\u00e7on particuli\u00e8re.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    }
  ],
  "links": [
    {
      "title": "Site de VMware :",
      "url": "http://www.vmware.com"
    }
  ],
  "reference": "CERTA-2008-AVI-116",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-03-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans VMware ESX Server permet \u00e0 un utilisateur de\nprovoquer un d\u00e9ni de service ou potentiellement d\u0027ex\u00e9cuter du code\narbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de VMware ESX Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2008-0004",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    }
  ]
}

CERTA-2008-AVI-563

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectent Citrix XenServer et permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Citrix XenServer 4.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX118766 du 17 novembre 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eCitrix XenServer 4.x.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans libext2fs de e2fsprogs impl\u00e9ment\u00e9 dans\nCitrix XenServer permettent \u00e0 un utilisateur malveillant, via une image\nd\u0027un syst\u00e8me de fichiers ext sp\u00e9cialement con\u00e7ue, d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    }
  ],
  "links": [],
  "reference": "CERTA-2008-AVI-563",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-11-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent Citrix XenServer et permettent \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX118766 du 17 novembre 2008",
      "url": "http://support.citrix.com/article/CTX118766"
    }
  ]
}

CERTA-2010-AVI-317

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités dans des produits HP Insight ont été corrigées, dont certaines permettant l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités dans des produits HP Insight ont été corrigées. Elles sont de natures différentes pouvant aller jusqu'à l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	HP Insight Manager 4.x, 5.X et 6.x ;
N/A	N/A	HP Insight Orchestration 6.x ;
N/A	N/A	HP Insight Control Suite For Linux(ICE-Linux) 2.x et 6.x.
N/A	N/A	HP Insight Software Integrated Installer 6.x ;
N/A	N/A	HP Virtual Connect Enterprise Manager 6.x ;
N/A	N/A	HP Insight Control 6.x ;

References

Title

Publication Time

Tags

Bulletins de sécurité HP Insight	None	vendor-advisory
Bulletin de sécurité HP HPSBMA02550 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02551 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02554 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02548 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02549 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02547 du 13 juillet 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Insight Manager 4.x, 5.X et 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Orchestration 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Control Suite For Linux(ICE-Linux) 2.x et 6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Software Integrated Installer 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Virtual Connect Enterprise Manager 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Control 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans des produits HP Insight ont \u00e9t\u00e9 corrig\u00e9es.\nElles sont de natures diff\u00e9rentes pouvant aller jusqu\u0027\u00e0 l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3793"
    },
    {
      "name": "CVE-2010-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2167"
    },
    {
      "name": "CVE-2010-2173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2173"
    },
    {
      "name": "CVE-2010-1129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1129"
    },
    {
      "name": "CVE-2010-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2163"
    },
    {
      "name": "CVE-2009-1524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1524"
    },
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2170"
    },
    {
      "name": "CVE-2008-5110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5110"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
    },
    {
      "name": "CVE-2010-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2176"
    },
    {
      "name": "CVE-2009-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0692"
    },
    {
      "name": "CVE-2010-1967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1967"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2010-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2162"
    },
    {
      "name": "CVE-2010-1968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1968"
    },
    {
      "name": "CVE-2010-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2172"
    },
    {
      "name": "CVE-2010-2181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2181"
    },
    {
      "name": "CVE-2010-1969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1969"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2160"
    },
    {
      "name": "CVE-2010-0839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2010-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2179"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2010-2165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2165"
    },
    {
      "name": "CVE-2010-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2171"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-2182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2182"
    },
    {
      "name": "CVE-2010-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1971"
    },
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2010-2175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2175"
    },
    {
      "name": "CVE-2010-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2180"
    },
    {
      "name": "CVE-2010-1970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1970"
    },
    {
      "name": "CVE-2008-4546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4546"
    },
    {
      "name": "CVE-2010-1297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1297"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2187"
    },
    {
      "name": "CVE-2010-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2164"
    },
    {
      "name": "CVE-2010-1965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1965"
    },
    {
      "name": "CVE-2010-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2161"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2178"
    },
    {
      "name": "CVE-2010-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2177"
    },
    {
      "name": "CVE-2010-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2166"
    },
    {
      "name": "CVE-2010-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2184"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-2189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2189"
    },
    {
      "name": "CVE-2010-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2174"
    },
    {
      "name": "CVE-2010-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2169"
    },
    {
      "name": "CVE-2010-2188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2188"
    },
    {
      "name": "CVE-2010-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2185"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2007-2452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2452"
    },
    {
      "name": "CVE-2010-2186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2186"
    },
    {
      "name": "CVE-2009-1523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1523"
    },
    {
      "name": "CVE-2010-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2183"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    },
    {
      "name": "CVE-2010-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    },
    {
      "name": "CVE-2010-1966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1966"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02550 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02550"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02551 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02551"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02554 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02554"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02548 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02548"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02549 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02549"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02547 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02547"
    }
  ],
  "reference": "CERTA-2010-AVI-317",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-07-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s dans des produits HP Insight ont \u00e9t\u00e9\ncorrig\u00e9es, dont certaines permettant l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Insight",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP Insight",
      "url": null
    }
  ]
}

FKIE_CVE-2007-5497

Vulnerability from fkie_nvd - Published: 2007-12-07 11:46 - Updated: 2026-04-23 00:35

Severity ?

Summary

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

References

URL	Tags
secalert@redhat.com	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
secalert@redhat.com	http://lists.vmware.com/pipermail/security-announce/2008/000007.html
secalert@redhat.com	http://secunia.com/advisories/27889	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27965	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/27987	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28000	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28030	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28042	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28360	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28541	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28648	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29224	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/32774
secalert@redhat.com	http://secunia.com/advisories/40551	Vendor Advisory
secalert@redhat.com	http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm
secalert@redhat.com	http://support.citrix.com/article/CTX118766
secalert@redhat.com	http://wiki.rpath.com/Advisories:rPSA-2007-0262
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1422
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:242
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_25_sr.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0003.html	Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/487999/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/489082/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/26772
secalert@redhat.com	http://www.securitytracker.com/id?1019537
secalert@redhat.com	http://www.ubuntu.com/usn/usn-555-1
secalert@redhat.com	http://www.vmware.com/security/advisories/VMSA-2008-0004.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/4135	Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0761	Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1796	Vendor Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/38903
secalert@redhat.com	https://issues.rpath.com/browse/RPL-2011
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html
af854a3a-2127-422b-91ae-364da2661108	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000007.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27889	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27965	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27987	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28000	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28030	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28042	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28360	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28541	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28648	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29224	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32774
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40551	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm
af854a3a-2127-422b-91ae-364da2661108	http://support.citrix.com/article/CTX118766
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/Advisories:rPSA-2007-0262
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1422
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:242
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_25_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0003.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/487999/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/489082/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26772
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019537
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-555-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2008-0004.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4135	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0761	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1796	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38903
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-2011
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html

Impacted products

Vendor	Product	Version
ext2_filesystems_utilities	e2fsprogs	*
ext2_filesystems_utilities	e2fsprogs	1.02
ext2_filesystems_utilities	e2fsprogs	1.03
ext2_filesystems_utilities	e2fsprogs	1.04
ext2_filesystems_utilities	e2fsprogs	1.05
ext2_filesystems_utilities	e2fsprogs	1.06
ext2_filesystems_utilities	e2fsprogs	1.07
ext2_filesystems_utilities	e2fsprogs	1.08
ext2_filesystems_utilities	e2fsprogs	1.09
ext2_filesystems_utilities	e2fsprogs	1.10
ext2_filesystems_utilities	e2fsprogs	1.11
ext2_filesystems_utilities	e2fsprogs	1.12
ext2_filesystems_utilities	e2fsprogs	1.13
ext2_filesystems_utilities	e2fsprogs	1.14
ext2_filesystems_utilities	e2fsprogs	1.15
ext2_filesystems_utilities	e2fsprogs	1.16
ext2_filesystems_utilities	e2fsprogs	1.17
ext2_filesystems_utilities	e2fsprogs	1.18
ext2_filesystems_utilities	e2fsprogs	1.19
ext2_filesystems_utilities	e2fsprogs	1.20
ext2_filesystems_utilities	e2fsprogs	1.21
ext2_filesystems_utilities	e2fsprogs	1.22
ext2_filesystems_utilities	e2fsprogs	1.23
ext2_filesystems_utilities	e2fsprogs	1.24
ext2_filesystems_utilities	e2fsprogs	1.25
ext2_filesystems_utilities	e2fsprogs	1.26
ext2_filesystems_utilities	e2fsprogs	1.27
ext2_filesystems_utilities	e2fsprogs	1.28
ext2_filesystems_utilities	e2fsprogs	1.29
ext2_filesystems_utilities	e2fsprogs	1.30
ext2_filesystems_utilities	e2fsprogs	1.31
ext2_filesystems_utilities	e2fsprogs	1.32
ext2_filesystems_utilities	e2fsprogs	1.33
ext2_filesystems_utilities	e2fsprogs	1.34
ext2_filesystems_utilities	e2fsprogs	1.35
ext2_filesystems_utilities	e2fsprogs	1.36
ext2_filesystems_utilities	e2fsprogs	1.37
ext2_filesystems_utilities	e2fsprogs	1.38
ext2_filesystems_utilities	e2fsprogs	1.39
ext2_filesystems_utilities	e2fsprogs	1.40
ext2_filesystems_utilities	e2fsprogs	1.40.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC81AB4-8B6F-4465-B0F9-BC7B1F72D6AC",
              "versionEndIncluding": "1.40.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE1E909-EA45-4E69-B743-82436045EC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B7983A-68C2-4626-8DE5-E8FA15B11CE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B9567E-A1F0-45AD-9572-DDC1B809FA02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC3FE84-4183-4727-AFE0-9A48223E50DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AB0B87D-6288-4D16-BFFA-4420D137F0B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "6199DAD0-FCEB-4917-B0D1-BB823A3EE434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A625EB-0C5E-4654-9A21-2F8A4ABD2C70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2FD6C1-8CE1-4C22-9952-5D400A8A6283",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99BC504-67A4-4494-BFEB-2D49944C045A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78FFADA7-DD53-47CB-8AC5-DC46CDFEFE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6366A0-ED37-4850-95CB-BB9F9793549C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE810EB3-685F-419C-B2E0-EBCB2E29D44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA532D0-6B23-41B6-8ECD-4F6F8046EF62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB357247-9885-49AD-B7A4-AF4523D3AE96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "28D7F610-5EAD-46A2-BD42-FE4CF22650EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "83D1C237-0AE4-4E75-B10A-464DE4BA32DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FDAEECA-5C63-4D6F-AA41-934235D15465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB8E29C-8038-41EF-82FB-27E249F0D946",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB85C46E-AE17-4EC9-811F-872F9B018679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C46F88A-DF22-45D3-8CE8-A0C3EDE7C4A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A41A5C-5D90-4A13-ADBB-971B0872667C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEC84D7-456D-436F-B807-35434FC69A9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D615C9B-04B9-480A-8C19-681B720F09B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "58897ED4-3494-41C6-9EB3-88074D211023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F75FC1B-E440-4975-8FA4-088B9DA4376D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E46684-0BB0-49D1-A028-440BD815B0A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F16B8E-49C0-4536-97A8-F284CF9BB61D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "37893C89-282F-4376-917E-5DD31F2D832D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BD30BE-2E5C-4835-8DEF-FC59EF8A83C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36FCB50-2EAD-4ED7-AD5D-5FD197B8965B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F30FAD6-F7AB-4734-BC13-F4DBF7983260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAB51F0-A94E-4126-B50E-0F99D743D7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "510DB0AF-A11E-4C2A-BD94-7D788EC156A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDCB34E-D2A2-4AC8-828A-CAB77B68F2FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A33EEDE8-9348-425C-AD88-AE10426B3DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B137B2E-001A-4BFA-BDB2-7378CC903E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "E857EA7F-6E7D-4619-9330-867C2A5381FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "14C3B4FD-1144-442F-9304-2676FEFAB583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F06131-5D63-4DF4-8D70-67892F327846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18FCB21D-8D93-4F19-BCFC-3861C5A8DB5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos enteros en libext2fs en e2fsprogs versiones anteriores a 1.40.3, permiten a los atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de una imagen del sistema de archivos especialmente dise\u00f1ada."
    }
  ],
  "id": "CVE-2007-5497",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-12-07T11:46:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27889"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27965"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27987"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28000"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28030"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28042"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28360"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28541"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28648"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29224"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32774"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40551"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.citrix.com/article/CTX118766"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1422"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/26772"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1019537"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-555-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4135"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0761"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1796"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28000"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28360"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40551"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.citrix.com/article/CTX118766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-555-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-R9PV-WQV4-69WF

Vulnerability from github – Published: 2022-05-01 18:33 – Updated: 2022-05-01 18:33

Details

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-5497"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-12-07T11:46:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.",
  "id": "GHSA-r9pv-wqv4-69wf",
  "modified": "2022-05-01T18:33:59Z",
  "published": "2022-05-01T18:33:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5497"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2008:0003"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2007-5497"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=403441"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-2011"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
    },
    {
      "type": "WEB",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27889"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27965"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27987"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28000"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28030"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28042"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28360"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28541"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28648"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29224"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32774"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40551"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
    },
    {
      "type": "WEB",
      "url": "http://support.citrix.com/article/CTX118766"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1422"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26772"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019537"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-555-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4135"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0761"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1796"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2007-5497

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

Aliases

CVE-2007-5497

Aliases

CVE-2007-5497

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-5497",
    "description": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.",
    "id": "GSD-2007-5497",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-5497.html",
      "https://www.debian.org/security/2007/dsa-1422",
      "https://access.redhat.com/errata/RHSA-2008:0003",
      "https://linux.oracle.com/cve/CVE-2007-5497.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-5497"
      ],
      "details": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.",
      "id": "GSD-2007-5497",
      "modified": "2023-12-13T01:21:40.738455Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-5497",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083",
            "refsource": "MISC",
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
          },
          {
            "name": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html",
            "refsource": "MISC",
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
          },
          {
            "name": "http://secunia.com/advisories/27889",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27889"
          },
          {
            "name": "http://secunia.com/advisories/27965",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27965"
          },
          {
            "name": "http://secunia.com/advisories/27987",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27987"
          },
          {
            "name": "http://secunia.com/advisories/28000",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28000"
          },
          {
            "name": "http://secunia.com/advisories/28030",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28030"
          },
          {
            "name": "http://secunia.com/advisories/28042",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28042"
          },
          {
            "name": "http://secunia.com/advisories/28360",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28360"
          },
          {
            "name": "http://secunia.com/advisories/28541",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28541"
          },
          {
            "name": "http://secunia.com/advisories/28648",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28648"
          },
          {
            "name": "http://secunia.com/advisories/29224",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29224"
          },
          {
            "name": "http://secunia.com/advisories/32774",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32774"
          },
          {
            "name": "http://secunia.com/advisories/40551",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/40551"
          },
          {
            "name": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406",
            "refsource": "MISC",
            "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm",
            "refsource": "MISC",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
          },
          {
            "name": "http://support.citrix.com/article/CTX118766",
            "refsource": "MISC",
            "url": "http://support.citrix.com/article/CTX118766"
          },
          {
            "name": "http://wiki.rpath.com/Advisories:rPSA-2007-0262",
            "refsource": "MISC",
            "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
          },
          {
            "name": "http://www.debian.org/security/2007/dsa-1422",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2007/dsa-1422"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_25_sr.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0003.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/487999/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/489082/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/26772",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/26772"
          },
          {
            "name": "http://www.securitytracker.com/id?1019537",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1019537"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-555-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-555-1"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/4135",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/4135"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/0761",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/0761"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1796",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1796"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-2011",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-2011"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.40.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-5497"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2007:025",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
            },
            {
              "name": "DSA-1422",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1422"
            },
            {
              "name": "USN-555-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-555-1"
            },
            {
              "name": "26772",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26772"
            },
            {
              "name": "27889",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27889"
            },
            {
              "name": "27987",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27987"
            },
            {
              "name": "28000",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28000"
            },
            {
              "name": "MDKSA-2007:242",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
            },
            {
              "name": "28042",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28042"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-2011",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-2011"
            },
            {
              "name": "RHSA-2008:0003",
              "refsource": "REDHAT",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
            },
            {
              "name": "28030",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28030"
            },
            {
              "name": "27965",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27965"
            },
            {
              "name": "28360",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28360"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
            },
            {
              "name": "FEDORA-2007-4447",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
            },
            {
              "name": "FEDORA-2007-4461",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
            },
            {
              "name": "28541",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28541"
            },
            {
              "name": "28648",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28648"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2007-0262",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
            },
            {
              "name": "[Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
            },
            {
              "name": "29224",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29224"
            },
            {
              "name": "1019537",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019537"
            },
            {
              "name": "SSRT100018",
              "refsource": "HP",
              "tags": [],
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
            },
            {
              "name": "ADV-2010-1796",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1796"
            },
            {
              "name": "40551",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/40551"
            },
            {
              "name": "ADV-2008-0761",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0761"
            },
            {
              "name": "ADV-2007-4135",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/4135"
            },
            {
              "name": "32774",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32774"
            },
            {
              "name": "http://support.citrix.com/article/CTX118766",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.citrix.com/article/CTX118766"
            },
            {
              "name": "e2fsprogs-libext2fs-integer-overflow(38903)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
            },
            {
              "name": "oval:org.mitre.oval:def:10399",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
            },
            {
              "name": "20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
            },
            {
              "name": "20080212 FLEA-2008-0005-1 e2fsprogs",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2023-02-13T02:18Z",
      "publishedDate": "2007-12-07T11:46Z"
    }
  }
}

OPENSUSE-SU-2024:10731-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

e2fsprogs-1.46.4-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: e2fsprogs-1.46.4-1.1 on GA media

Description of the patch: These are all security issues fixed in the e2fsprogs-1.46.4-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-10731

CVE-2007-5497

Affected products

Recommended 52 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2019-5094

6.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 52 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

8 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2007-5497/	self
https://www.suse.com/security/cve/CVE-2019-5094/	self
https://www.suse.com/security/cve/CVE-2007-5497	external
https://bugzilla.suse.com/340473	external
https://www.suse.com/security/cve/CVE-2019-5094	external
https://bugzilla.suse.com/1152101	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "e2fsprogs-1.46.4-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the e2fsprogs-1.46.4-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10731",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10731-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-5497 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-5497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-5094 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-5094/"
      }
    ],
    "title": "e2fsprogs-1.46.4-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10731-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "e2fsprogs-1.46.4-1.1.aarch64",
                "product": {
                  "name": "e2fsprogs-1.46.4-1.1.aarch64",
                  "product_id": "e2fsprogs-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-devel-1.46.4-1.1.aarch64",
                "product": {
                  "name": "e2fsprogs-devel-1.46.4-1.1.aarch64",
                  "product_id": "e2fsprogs-devel-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-scrub-1.46.4-1.1.aarch64",
                "product": {
                  "name": "e2fsprogs-scrub-1.46.4-1.1.aarch64",
                  "product_id": "e2fsprogs-scrub-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libcom_err-devel-1.46.4-1.1.aarch64",
                  "product_id": "libcom_err-devel-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-32bit-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libcom_err-devel-32bit-1.46.4-1.1.aarch64",
                  "product_id": "libcom_err-devel-32bit-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-static-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libcom_err-devel-static-1.46.4-1.1.aarch64",
                  "product_id": "libcom_err-devel-static-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libcom_err2-1.46.4-1.1.aarch64",
                  "product_id": "libcom_err2-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-32bit-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libcom_err2-32bit-1.46.4-1.1.aarch64",
                  "product_id": "libcom_err2-32bit-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libext2fs-devel-1.46.4-1.1.aarch64",
                  "product_id": "libext2fs-devel-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-32bit-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libext2fs-devel-32bit-1.46.4-1.1.aarch64",
                  "product_id": "libext2fs-devel-32bit-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-static-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libext2fs-devel-static-1.46.4-1.1.aarch64",
                  "product_id": "libext2fs-devel-static-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libext2fs2-1.46.4-1.1.aarch64",
                  "product_id": "libext2fs2-1.46.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-32bit-1.46.4-1.1.aarch64",
                "product": {
                  "name": "libext2fs2-32bit-1.46.4-1.1.aarch64",
                  "product_id": "libext2fs2-32bit-1.46.4-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "e2fsprogs-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "e2fsprogs-1.46.4-1.1.ppc64le",
                  "product_id": "e2fsprogs-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-devel-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "e2fsprogs-devel-1.46.4-1.1.ppc64le",
                  "product_id": "e2fsprogs-devel-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-scrub-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "e2fsprogs-scrub-1.46.4-1.1.ppc64le",
                  "product_id": "e2fsprogs-scrub-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libcom_err-devel-1.46.4-1.1.ppc64le",
                  "product_id": "libcom_err-devel-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
                  "product_id": "libcom_err-devel-32bit-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-static-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libcom_err-devel-static-1.46.4-1.1.ppc64le",
                  "product_id": "libcom_err-devel-static-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libcom_err2-1.46.4-1.1.ppc64le",
                  "product_id": "libcom_err2-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-32bit-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libcom_err2-32bit-1.46.4-1.1.ppc64le",
                  "product_id": "libcom_err2-32bit-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libext2fs-devel-1.46.4-1.1.ppc64le",
                  "product_id": "libext2fs-devel-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
                  "product_id": "libext2fs-devel-32bit-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-static-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libext2fs-devel-static-1.46.4-1.1.ppc64le",
                  "product_id": "libext2fs-devel-static-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libext2fs2-1.46.4-1.1.ppc64le",
                  "product_id": "libext2fs2-1.46.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-32bit-1.46.4-1.1.ppc64le",
                "product": {
                  "name": "libext2fs2-32bit-1.46.4-1.1.ppc64le",
                  "product_id": "libext2fs2-32bit-1.46.4-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "e2fsprogs-1.46.4-1.1.s390x",
                "product": {
                  "name": "e2fsprogs-1.46.4-1.1.s390x",
                  "product_id": "e2fsprogs-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-devel-1.46.4-1.1.s390x",
                "product": {
                  "name": "e2fsprogs-devel-1.46.4-1.1.s390x",
                  "product_id": "e2fsprogs-devel-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-scrub-1.46.4-1.1.s390x",
                "product": {
                  "name": "e2fsprogs-scrub-1.46.4-1.1.s390x",
                  "product_id": "e2fsprogs-scrub-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-1.46.4-1.1.s390x",
                "product": {
                  "name": "libcom_err-devel-1.46.4-1.1.s390x",
                  "product_id": "libcom_err-devel-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-32bit-1.46.4-1.1.s390x",
                "product": {
                  "name": "libcom_err-devel-32bit-1.46.4-1.1.s390x",
                  "product_id": "libcom_err-devel-32bit-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-static-1.46.4-1.1.s390x",
                "product": {
                  "name": "libcom_err-devel-static-1.46.4-1.1.s390x",
                  "product_id": "libcom_err-devel-static-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-1.46.4-1.1.s390x",
                "product": {
                  "name": "libcom_err2-1.46.4-1.1.s390x",
                  "product_id": "libcom_err2-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-32bit-1.46.4-1.1.s390x",
                "product": {
                  "name": "libcom_err2-32bit-1.46.4-1.1.s390x",
                  "product_id": "libcom_err2-32bit-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-1.46.4-1.1.s390x",
                "product": {
                  "name": "libext2fs-devel-1.46.4-1.1.s390x",
                  "product_id": "libext2fs-devel-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-32bit-1.46.4-1.1.s390x",
                "product": {
                  "name": "libext2fs-devel-32bit-1.46.4-1.1.s390x",
                  "product_id": "libext2fs-devel-32bit-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-static-1.46.4-1.1.s390x",
                "product": {
                  "name": "libext2fs-devel-static-1.46.4-1.1.s390x",
                  "product_id": "libext2fs-devel-static-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-1.46.4-1.1.s390x",
                "product": {
                  "name": "libext2fs2-1.46.4-1.1.s390x",
                  "product_id": "libext2fs2-1.46.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-32bit-1.46.4-1.1.s390x",
                "product": {
                  "name": "libext2fs2-32bit-1.46.4-1.1.s390x",
                  "product_id": "libext2fs2-32bit-1.46.4-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "e2fsprogs-1.46.4-1.1.x86_64",
                "product": {
                  "name": "e2fsprogs-1.46.4-1.1.x86_64",
                  "product_id": "e2fsprogs-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-devel-1.46.4-1.1.x86_64",
                "product": {
                  "name": "e2fsprogs-devel-1.46.4-1.1.x86_64",
                  "product_id": "e2fsprogs-devel-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "e2fsprogs-scrub-1.46.4-1.1.x86_64",
                "product": {
                  "name": "e2fsprogs-scrub-1.46.4-1.1.x86_64",
                  "product_id": "e2fsprogs-scrub-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libcom_err-devel-1.46.4-1.1.x86_64",
                  "product_id": "libcom_err-devel-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-32bit-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libcom_err-devel-32bit-1.46.4-1.1.x86_64",
                  "product_id": "libcom_err-devel-32bit-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err-devel-static-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libcom_err-devel-static-1.46.4-1.1.x86_64",
                  "product_id": "libcom_err-devel-static-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libcom_err2-1.46.4-1.1.x86_64",
                  "product_id": "libcom_err2-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libcom_err2-32bit-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libcom_err2-32bit-1.46.4-1.1.x86_64",
                  "product_id": "libcom_err2-32bit-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libext2fs-devel-1.46.4-1.1.x86_64",
                  "product_id": "libext2fs-devel-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-32bit-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libext2fs-devel-32bit-1.46.4-1.1.x86_64",
                  "product_id": "libext2fs-devel-32bit-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs-devel-static-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libext2fs-devel-static-1.46.4-1.1.x86_64",
                  "product_id": "libext2fs-devel-static-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libext2fs2-1.46.4-1.1.x86_64",
                  "product_id": "libext2fs2-1.46.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libext2fs2-32bit-1.46.4-1.1.x86_64",
                "product": {
                  "name": "libext2fs2-32bit-1.46.4-1.1.x86_64",
                  "product_id": "libext2fs2-32bit-1.46.4-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64"
        },
        "product_reference": "e2fsprogs-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le"
        },
        "product_reference": "e2fsprogs-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x"
        },
        "product_reference": "e2fsprogs-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64"
        },
        "product_reference": "e2fsprogs-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-devel-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64"
        },
        "product_reference": "e2fsprogs-devel-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-devel-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le"
        },
        "product_reference": "e2fsprogs-devel-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-devel-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x"
        },
        "product_reference": "e2fsprogs-devel-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-devel-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64"
        },
        "product_reference": "e2fsprogs-devel-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-scrub-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64"
        },
        "product_reference": "e2fsprogs-scrub-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-scrub-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le"
        },
        "product_reference": "e2fsprogs-scrub-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-scrub-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x"
        },
        "product_reference": "e2fsprogs-scrub-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "e2fsprogs-scrub-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64"
        },
        "product_reference": "e2fsprogs-scrub-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64"
        },
        "product_reference": "libcom_err-devel-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libcom_err-devel-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x"
        },
        "product_reference": "libcom_err-devel-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64"
        },
        "product_reference": "libcom_err-devel-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-32bit-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64"
        },
        "product_reference": "libcom_err-devel-32bit-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-32bit-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-32bit-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x"
        },
        "product_reference": "libcom_err-devel-32bit-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-32bit-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64"
        },
        "product_reference": "libcom_err-devel-32bit-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-static-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64"
        },
        "product_reference": "libcom_err-devel-static-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-static-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libcom_err-devel-static-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-static-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x"
        },
        "product_reference": "libcom_err-devel-static-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err-devel-static-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64"
        },
        "product_reference": "libcom_err-devel-static-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64"
        },
        "product_reference": "libcom_err2-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libcom_err2-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x"
        },
        "product_reference": "libcom_err2-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64"
        },
        "product_reference": "libcom_err2-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-32bit-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64"
        },
        "product_reference": "libcom_err2-32bit-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-32bit-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libcom_err2-32bit-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-32bit-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x"
        },
        "product_reference": "libcom_err2-32bit-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcom_err2-32bit-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64"
        },
        "product_reference": "libcom_err2-32bit-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64"
        },
        "product_reference": "libext2fs-devel-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libext2fs-devel-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x"
        },
        "product_reference": "libext2fs-devel-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64"
        },
        "product_reference": "libext2fs-devel-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-32bit-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64"
        },
        "product_reference": "libext2fs-devel-32bit-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-32bit-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-32bit-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x"
        },
        "product_reference": "libext2fs-devel-32bit-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-32bit-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64"
        },
        "product_reference": "libext2fs-devel-32bit-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-static-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64"
        },
        "product_reference": "libext2fs-devel-static-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-static-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libext2fs-devel-static-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-static-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x"
        },
        "product_reference": "libext2fs-devel-static-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs-devel-static-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64"
        },
        "product_reference": "libext2fs-devel-static-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64"
        },
        "product_reference": "libext2fs2-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libext2fs2-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x"
        },
        "product_reference": "libext2fs2-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64"
        },
        "product_reference": "libext2fs2-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-32bit-1.46.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64"
        },
        "product_reference": "libext2fs2-32bit-1.46.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-32bit-1.46.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le"
        },
        "product_reference": "libext2fs2-32bit-1.46.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-32bit-1.46.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x"
        },
        "product_reference": "libext2fs2-32bit-1.46.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libext2fs2-32bit-1.46.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64"
        },
        "product_reference": "libext2fs2-32bit-1.46.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2007-5497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-5497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-5497",
          "url": "https://www.suse.com/security/cve/CVE-2007-5497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 340473 for CVE-2007-5497",
          "url": "https://bugzilla.suse.com/340473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-5497"
    },
    {
      "cve": "CVE-2019-5094",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-5094"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x",
          "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-5094",
          "url": "https://www.suse.com/security/cve/CVE-2019-5094"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1152101 for CVE-2019-5094",
          "url": "https://bugzilla.suse.com/1152101"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:e2fsprogs-scrub-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err-devel-static-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err2-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libcom_err2-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-32bit-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs-devel-static-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs2-1.46.4-1.1.x86_64",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.aarch64",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.ppc64le",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.s390x",
            "openSUSE Tumbleweed:libext2fs2-32bit-1.46.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-5094"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-5497 (GCVE-0-2007-5497)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature