CVE-2007-1655 - Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remot

CVE-2007-1655

Summary

Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.

References

http://code.google.com/p/tinymux/issues/detail?id=282&can=2&q=
http://osvdb.org/34686
http://secunia.com/advisories/24733
http://secunia.com/advisories/25784
http://www.debian.org/security/2007/dsa-1317
http://www.securityfocus.com/bid/23292
http://www.tinymux.org/changes.txt
http://www.vupen.com/english/advisories/2007/1213

Vulnerable Configurations

cpe:2.3:a:tinymux:tinymux:2.4:*:*:*:*:*:*:*
cpe:2.3:a:tinymux:tinymux:2.4:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 23-07-2013 - 07:28)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	23292
confirm	http://code.google.com/p/tinymux/issues/detail?id=282&can=2&q= http://www.tinymux.org/changes.txt
debian	DSA-1317
osvdb	34686
secunia	24733 25784
vupen	ADV-2007-1213

Last major update

23-07-2013 - 07:28

Published

24-03-2007 - 00:19

Last modified

23-07-2013 - 07:28