CVE-2007-0391 - Format string vulnerability in the log creation functionality of BitDefender Client Professional Plu

CVE-2007-0391

Summary

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings.

References

Vulnerable Configurations

cpe:2.3:a:bitdefender:bitdefender_client:professional_plus_8.02:*:*:*:*:*:*:*
cpe:2.3:a:bitdefender:bitdefender_client:professional_plus_8.02:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 16-10-2018 - 16:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	22128
bugtraq	20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability
confirm	http://www.bitdefender.com/KB325-en--Format-string-vulnerability.html
fulldisc	20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability
vupen	ADV-2007-0253
xf	bitdefender-scanjob-format-string(31608)

Last major update

16-10-2018 - 16:32

Published

19-01-2007 - 23:28

Last modified

16-10-2018 - 16:32