CVE-2007-5007

{"id": "CVE-2007-5007", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-12-12T22:10:00.000", "references": [{"url": "http://bugs.gentoo.org/show_bug.cgi?id=193179", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://bugzilla.gnome.org/show_bug.cgi?id=474366", "source": "cve@mitre.org"}, {"url": "http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/40585", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26947", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26987", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27272", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25777", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3263", "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=297581", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n ir_fetch_seq de balsa anterior a 2.3.20 pod\u00eda permitir a servidores IMAP remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una respuesta larga para un comando FETCH."}], "lastModified": "2011-03-08T02:59:55.250", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnome:balsa:1.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "950C09DA-EAEA-4DE7-8A5E-ED9E82C653F5"}, {"criteria": "cpe:2.3:a:gnome:balsa:1.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1BCE579-53AC-4B05-9E33-ACDA345D5B6A"}, {"criteria": "cpe:2.3:a:gnome:balsa:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C0E134F-93E3-4754-98A5-E6917853C99B"}, {"criteria": "cpe:2.3:a:gnome:balsa:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D0FCECC-E287-486D-A8C1-CA952F4FBC67"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EAE6454-3B98-4AC8-8C03-4943F168AEF8"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91C14FE8-1596-4C1C-924D-D296EDB8FB9F"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7225E52A-13A9-4283-8B00-D22C47358871"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.0.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7927268-514A-45C8-9A03-CF33426B2875"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFC7FF7A-856E-42BC-9129-A1B28F508EAB"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871512E9-340D-4BC3-A2C0-5D160E6F4004"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "596A3E04-CB96-4DFE-AE7C-B506DD3C54D8"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "209D1628-7C99-4722-8038-B835BDE57B5D"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8E8B391-160B-49E0-8505-AA0E625A792C"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.1.90:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB30197C-3991-469D-83E9-9EBE17BFA59F"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.1.91:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5BCD53C-61D5-49E2-8854-F8F8021DAA85"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6D9C1F-A67A-4E1F-B6BE-9F98F9998DDD"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B88D420-12D1-4196-9B6C-3A6BD4F4371C"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FDDFC9F-A654-4644-9E8C-6F5902BFC51B"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAFC41E5-6000-44B8-A7AC-426185E8FAB9"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38D0233D-CCFC-47C0-B4D6-5F5F91A6260A"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBA69D3A-E357-4B2A-9E9C-2CADA91E45A3"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9506DE3C-AD8D-4128-AA5A-1B72465B73AF"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1A9132B-91DC-404D-A3CA-69457DB75A71"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "943CFC36-8856-4D8B-A7E5-DF1458769EBA"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46DE94C8-F5D4-4D8C-AF9C-0290F24575AE"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B6C96C8-34EE-4C10-BB16-A093CB626FFC"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C116A3-1F8B-4F6B-8056-0685C9DAF9CF"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1134D391-A0CF-41AD-B871-423F1929BA58"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50F69A80-C311-4840-AF70-ABDDB2D006EB"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79156072-C833-4C7A-A07A-71DDC5BDCB4B"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BA4632D-4729-42A3-8778-C02F50D95C27"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F968DAE-A85A-483E-918F-45DA7CD5C0E4"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6730AE89-6168-47FA-8C3C-8A54A8CF0790"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61899224-39E2-485A-BD02-D0F596D0C3B9"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A3C98B1-04E7-4FB9-BBCA-A0CAC5C85453"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "850D4CD2-1F1F-43B7-8DD0-00985F059637"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A426AAD-E53A-4BCF-ADA2-A25215F36EA3"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A81A463-B9DF-4626-BA1F-0386D77A3BC9"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDDA6B44-CB69-47FA-AC29-1A5D7BA14080"}, {"criteria": "cpe:2.3:a:gnome:balsa:2.3.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "401E38DB-D54C-49B0-93B6-2DDE6FA93F6E"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Not vulnerable. This issue did not affect version of balsa as shipped with Red Hat Enterprise Linux 2.1.", "lastModified": "2008-01-09T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}