Vulnerabilites related to ext2_filesystems_utilities - e2fsprogs
CVE-2007-5497 (GCVE-0-2007-5497)
Vulnerability from cvelistv5
Published
2007-12-07 11:00
Modified
2024-08-07 15:31
Severity ?
CWE
  • n/a
Summary
Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
References
http://secunia.com/advisories/27965 third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1019537 vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/26772 vdb-entry, x_refsource_BID
http://www.vmware.com/security/advisories/VMSA-2008-0004.html x_refsource_CONFIRM
http://secunia.com/advisories/28541 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28000 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/38903 vdb-entry, x_refsource_XF
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399 vdb-entry, signature, x_refsource_OVAL
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 vendor-advisory, x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2008-0003.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/4135 vdb-entry, x_refsource_VUPEN
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 vendor-advisory, x_refsource_HP
http://www.securityfocus.com/archive/1/487999/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/28042 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/489082/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/29224 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/40551 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1422 vendor-advisory, x_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2007_25_sr.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/27987 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28030 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0761 vdb-entry, x_refsource_VUPEN
http://support.citrix.com/article/CTX118766 x_refsource_CONFIRM
http://secunia.com/advisories/27889 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28648 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1796 vdb-entry, x_refsource_VUPEN
http://www.ubuntu.com/usn/usn-555-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/28360 third-party-advisory, x_refsource_SECUNIA
http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406 x_refsource_CONFIRM
http://secunia.com/advisories/32774 third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-2011 x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html vendor-advisory, x_refsource_FEDORA
http://lists.vmware.com/pipermail/security-announce/2008/000007.html mailing-list, x_refsource_MLIST
http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2007-0262 x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2007:242 vendor-advisory, x_refsource_MANDRIVA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.672Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27965",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27965"
          },
          {
            "name": "1019537",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019537"
          },
          {
            "name": "26772",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26772"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
          },
          {
            "name": "28541",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28541"
          },
          {
            "name": "28000",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28000"
          },
          {
            "name": "e2fsprogs-libext2fs-integer-overflow(38903)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
          },
          {
            "name": "oval:org.mitre.oval:def:10399",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
          },
          {
            "name": "SSRT100018",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
          },
          {
            "name": "RHSA-2008:0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
          },
          {
            "name": "ADV-2007-4135",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4135"
          },
          {
            "name": "HPSBMA02554",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
          },
          {
            "name": "20080212 FLEA-2008-0005-1 e2fsprogs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
          },
          {
            "name": "28042",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28042"
          },
          {
            "name": "20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
          },
          {
            "name": "29224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29224"
          },
          {
            "name": "FEDORA-2007-4461",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
          },
          {
            "name": "40551",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40551"
          },
          {
            "name": "DSA-1422",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1422"
          },
          {
            "name": "SUSE-SR:2007:025",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
          },
          {
            "name": "27987",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27987"
          },
          {
            "name": "28030",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28030"
          },
          {
            "name": "ADV-2008-0761",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0761"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX118766"
          },
          {
            "name": "27889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27889"
          },
          {
            "name": "28648",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28648"
          },
          {
            "name": "ADV-2010-1796",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1796"
          },
          {
            "name": "USN-555-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-555-1"
          },
          {
            "name": "28360",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28360"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
          },
          {
            "name": "32774",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32774"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2011"
          },
          {
            "name": "FEDORA-2007-4447",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
          },
          {
            "name": "[Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
          },
          {
            "name": "MDKSA-2007:242",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "27965",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27965"
        },
        {
          "name": "1019537",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019537"
        },
        {
          "name": "26772",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26772"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
        },
        {
          "name": "28541",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28541"
        },
        {
          "name": "28000",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28000"
        },
        {
          "name": "e2fsprogs-libext2fs-integer-overflow(38903)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
        },
        {
          "name": "oval:org.mitre.oval:def:10399",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
        },
        {
          "name": "SSRT100018",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
        },
        {
          "name": "RHSA-2008:0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
        },
        {
          "name": "ADV-2007-4135",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4135"
        },
        {
          "name": "HPSBMA02554",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
        },
        {
          "name": "20080212 FLEA-2008-0005-1 e2fsprogs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
        },
        {
          "name": "28042",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28042"
        },
        {
          "name": "20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
        },
        {
          "name": "29224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29224"
        },
        {
          "name": "FEDORA-2007-4461",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
        },
        {
          "name": "40551",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40551"
        },
        {
          "name": "DSA-1422",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1422"
        },
        {
          "name": "SUSE-SR:2007:025",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
        },
        {
          "name": "27987",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27987"
        },
        {
          "name": "28030",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28030"
        },
        {
          "name": "ADV-2008-0761",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0761"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX118766"
        },
        {
          "name": "27889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27889"
        },
        {
          "name": "28648",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28648"
        },
        {
          "name": "ADV-2010-1796",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1796"
        },
        {
          "name": "USN-555-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-555-1"
        },
        {
          "name": "28360",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28360"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
        },
        {
          "name": "32774",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32774"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2011"
        },
        {
          "name": "FEDORA-2007-4447",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
        },
        {
          "name": "[Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
        },
        {
          "name": "MDKSA-2007:242",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-5497",
    "datePublished": "2007-12-07T11:00:00",
    "dateReserved": "2007-10-17T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2007-12-07 11:46
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
References
secalert@redhat.comhttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
secalert@redhat.comhttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
secalert@redhat.comhttp://lists.vmware.com/pipermail/security-announce/2008/000007.html
secalert@redhat.comhttp://secunia.com/advisories/27889Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/27965Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/27987Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28000Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28030Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28042Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28360Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28541Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28648Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29224Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/32774
secalert@redhat.comhttp://secunia.com/advisories/40551Vendor Advisory
secalert@redhat.comhttp://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2008-040.htm
secalert@redhat.comhttp://support.citrix.com/article/CTX118766
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2007-0262
secalert@redhat.comhttp://www.debian.org/security/2007/dsa-1422
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:242
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2007_25_sr.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0003.htmlVendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/487999/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/489082/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/26772
secalert@redhat.comhttp://www.securitytracker.com/id?1019537
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-555-1
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2008-0004.html
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/4135Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0761Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1796Vendor Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/38903
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2011
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html
af854a3a-2127-422b-91ae-364da2661108http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
af854a3a-2127-422b-91ae-364da2661108http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2008/000007.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27889Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27965Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27987Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28000Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28030Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28042Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28360Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28541Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28648Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29224Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32774
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40551Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?release_id=560230&group_id=2406
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX118766
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2007-0262
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1422
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:242
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_25_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0003.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/487999/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/489082/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26772
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1019537
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-555-1
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0004.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/4135Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0761Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1796Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/38903
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2011
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html
Impacted products
Vendor Product Version
ext2_filesystems_utilities e2fsprogs *
ext2_filesystems_utilities e2fsprogs 1.02
ext2_filesystems_utilities e2fsprogs 1.03
ext2_filesystems_utilities e2fsprogs 1.04
ext2_filesystems_utilities e2fsprogs 1.05
ext2_filesystems_utilities e2fsprogs 1.06
ext2_filesystems_utilities e2fsprogs 1.07
ext2_filesystems_utilities e2fsprogs 1.08
ext2_filesystems_utilities e2fsprogs 1.09
ext2_filesystems_utilities e2fsprogs 1.10
ext2_filesystems_utilities e2fsprogs 1.11
ext2_filesystems_utilities e2fsprogs 1.12
ext2_filesystems_utilities e2fsprogs 1.13
ext2_filesystems_utilities e2fsprogs 1.14
ext2_filesystems_utilities e2fsprogs 1.15
ext2_filesystems_utilities e2fsprogs 1.16
ext2_filesystems_utilities e2fsprogs 1.17
ext2_filesystems_utilities e2fsprogs 1.18
ext2_filesystems_utilities e2fsprogs 1.19
ext2_filesystems_utilities e2fsprogs 1.20
ext2_filesystems_utilities e2fsprogs 1.21
ext2_filesystems_utilities e2fsprogs 1.22
ext2_filesystems_utilities e2fsprogs 1.23
ext2_filesystems_utilities e2fsprogs 1.24
ext2_filesystems_utilities e2fsprogs 1.25
ext2_filesystems_utilities e2fsprogs 1.26
ext2_filesystems_utilities e2fsprogs 1.27
ext2_filesystems_utilities e2fsprogs 1.28
ext2_filesystems_utilities e2fsprogs 1.29
ext2_filesystems_utilities e2fsprogs 1.30
ext2_filesystems_utilities e2fsprogs 1.31
ext2_filesystems_utilities e2fsprogs 1.32
ext2_filesystems_utilities e2fsprogs 1.33
ext2_filesystems_utilities e2fsprogs 1.34
ext2_filesystems_utilities e2fsprogs 1.35
ext2_filesystems_utilities e2fsprogs 1.36
ext2_filesystems_utilities e2fsprogs 1.37
ext2_filesystems_utilities e2fsprogs 1.38
ext2_filesystems_utilities e2fsprogs 1.39
ext2_filesystems_utilities e2fsprogs 1.40
ext2_filesystems_utilities e2fsprogs 1.40.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC81AB4-8B6F-4465-B0F9-BC7B1F72D6AC",
              "versionEndIncluding": "1.40.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE1E909-EA45-4E69-B743-82436045EC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B7983A-68C2-4626-8DE5-E8FA15B11CE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B9567E-A1F0-45AD-9572-DDC1B809FA02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC3FE84-4183-4727-AFE0-9A48223E50DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AB0B87D-6288-4D16-BFFA-4420D137F0B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "6199DAD0-FCEB-4917-B0D1-BB823A3EE434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A625EB-0C5E-4654-9A21-2F8A4ABD2C70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2FD6C1-8CE1-4C22-9952-5D400A8A6283",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99BC504-67A4-4494-BFEB-2D49944C045A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "78FFADA7-DD53-47CB-8AC5-DC46CDFEFE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6366A0-ED37-4850-95CB-BB9F9793549C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE810EB3-685F-419C-B2E0-EBCB2E29D44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA532D0-6B23-41B6-8ECD-4F6F8046EF62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB357247-9885-49AD-B7A4-AF4523D3AE96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "28D7F610-5EAD-46A2-BD42-FE4CF22650EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "83D1C237-0AE4-4E75-B10A-464DE4BA32DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FDAEECA-5C63-4D6F-AA41-934235D15465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB8E29C-8038-41EF-82FB-27E249F0D946",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB85C46E-AE17-4EC9-811F-872F9B018679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C46F88A-DF22-45D3-8CE8-A0C3EDE7C4A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A41A5C-5D90-4A13-ADBB-971B0872667C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEC84D7-456D-436F-B807-35434FC69A9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D615C9B-04B9-480A-8C19-681B720F09B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "58897ED4-3494-41C6-9EB3-88074D211023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F75FC1B-E440-4975-8FA4-088B9DA4376D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E46684-0BB0-49D1-A028-440BD815B0A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F16B8E-49C0-4536-97A8-F284CF9BB61D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "37893C89-282F-4376-917E-5DD31F2D832D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BD30BE-2E5C-4835-8DEF-FC59EF8A83C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36FCB50-2EAD-4ED7-AD5D-5FD197B8965B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F30FAD6-F7AB-4734-BC13-F4DBF7983260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAB51F0-A94E-4126-B50E-0F99D743D7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "510DB0AF-A11E-4C2A-BD94-7D788EC156A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDCB34E-D2A2-4AC8-828A-CAB77B68F2FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A33EEDE8-9348-425C-AD88-AE10426B3DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B137B2E-001A-4BFA-BDB2-7378CC903E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "E857EA7F-6E7D-4619-9330-867C2A5381FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "14C3B4FD-1144-442F-9304-2676FEFAB583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F06131-5D63-4DF4-8D70-67892F327846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18FCB21D-8D93-4F19-BCFC-3861C5A8DB5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos enteros en libext2fs en e2fsprogs versiones anteriores a 1.40.3, permiten a los atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de una imagen del sistema de archivos especialmente dise\u00f1ada."
    }
  ],
  "id": "CVE-2007-5497",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-12-07T11:46:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27889"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27965"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27987"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28000"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28030"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28042"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28360"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28541"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28648"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29224"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32774"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40551"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.citrix.com/article/CTX118766"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1422"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/26772"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1019537"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-555-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4135"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0761"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1796"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28000"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28360"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40551"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=560230\u0026group_id=2406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-040.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.citrix.com/article/CTX118766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2007-0262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487999/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489082/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-555-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}