Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5197

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5197
Last Modified 07 Mar 2011 10:00:17
Published 02 Nov 2007 12:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5197

Summary

Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.

Vulnerable Systems

Application

  • Mono 1.0

  • Mono 1.0.5

  • Mono 1.1.13

  • Mono 1.1.13.4

  • Mono 1.1.13.6

  • Mono 1.1.13.7

  • Mono 1.1.17

  • Mono 1.1.17.1

  • Mono 1.1.18

  • Mono 1.1.4

  • Mono 1.1.8.3

  • Mono 1.2.5.1


References

FEDORA - FEDORA-2007-3130

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=367471

XF - mono-big-integer-bo(38248)

VUPEN - ADV-2007-3716

UBUNTU - USN-553-1

SECTRACK - 1018892

BID - 26279

SUSE - SUSE-SR:2007:023

MANDRIVA - MDKSA-2007:218

GENTOO - GLSA-200711-10

DEBIAN - DSA-1397

SECUNIA - 27937

SECUNIA - 27639

SECUNIA - 27612

SECUNIA - 27583

SECUNIA - 27511

SECUNIA - 27493

SECUNIA - 27439

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=197067

CONFIRM - http://bugs.gentoo.org/attachment.cgi?id=134361&action=view


Last Updated: 27 May 2016 10:46:06