Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4550

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2007-4550
Last Modified 05 Sep 2008 05:28:30
Published 27 Aug 2007 08:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2007-4550

Summary

Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.

Vulnerable Systems

Application

  • Altools Alpass 2.7

  • Altools Alpass 3.02


References

BID - 25435

MISC - http://vuln.sg/alpass27-en.html

XF - alpass-apw-format-string(36256)

SECUNIA - 26616


Last Updated: 27 May 2016 10:45:54