Ergebnis für URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2027 [1]CVE
[2](BUTTON) CVE List▾
[3]CVE List Search [4]Search Tips [5]CVE Request Web Form [6]Web Form Help [7]PGP
Key [8]CVE List Documents & Guidance [9]Terms of Use
[10](BUTTON) CNAs▾
[11]CVE Numbering Authorities (CNAs) [12]Participating CNAs [13]CNA Documents,
Policies & Guidance [14]CNA Rules, Version 3.0 [15]New CNA Onboarding [16]Slides
& Videos [17]How to Become a CNA
[18](BUTTON) WGs▾
[19]CVE Working Groups [20]Automation (AWG) [21]CNA Coordination (CNACWG)
[22]Outreach and Communications (OCWG) [23]CVE Quality (QWG) [24]Strategic
Planning (SPWG) [25]Tactical (TWG)
[26](BUTTON) Board▾
[27]CVE Board [28]Members [29]Email Archives [30]Meeting Archives [31]Board
Charter
[32](BUTTON) About▾
[33]About CVE [34]Professional Code of Conduct [35]CVE & NVD Relationship
[36]History [37]Sponsor [38]Documentation & Guidance [39]FAQs [40]Terminology
[41](BUTTON) News & Blog▾
[42]Latest CVE News [43]Blog [44]Podcast [45]Calendar [46]Archive [47]Follow CVE
[48]Free CVE Newsletter [49]CVEnew Twitter Feed Twitter [50]CVEannounce Twitter
Feed Twitter [51]CVE on Medium Medium [52]CVE on LinkedIn LinkedIn [53]CVEProject
on GitHub GitHub [54]CVE on YouTube YouTube
[55]Search CVE List
[56]Downloads
[57]Data Feeds
[58]Update a CVE Record
[59]Request CVE IDs
TOTAL CVE Records: [60]233151
NOTICE: Transition to the all-new CVE website at [61]WWW.CVE.ORG and [62]CVE
Record Format JSON are underway.
NOTICE: Legacy CVE download formats [63]deprecation is now underway and will end
on June 30, 2024.
New CVE List download format is [64]available now.
[65]Home > [66]CVE > CVE-2007-2027
¿
CVE-ID
CVE-2007-2027
[67]Learn more at National Vulnerability Database (NVD)
o CVSS Severity Rating o Fix Information o Vulnerable Software Versions o SCAP
Mappings o CPE Information
Description
Untrusted search path vulnerability in the add_filename_to_string function in
intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to
use an untrusted gettext message catalog (.po file) in a "../po" directory, which
can be leveraged to conduct format string attacks.
References
Note: [68]References are provided for the convenience of the reader to help
distinguish between vulnerabilities. The list is not intended to be complete.
* BID:23844
* [69]URL:http://www.securityfocus.com/bid/23844
* [70]CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417789
* [71]CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235411
* GENTOO:GLSA-200706-03
* [72]URL:http://security.gentoo.org/glsa/glsa-200706-03.xml
* OSVDB:35668
* URL:[DEL: http://osvdb.org/35668 :DEL] (Obsolete source)
* OVAL:oval:org.mitre.oval:def:9741
* [73]URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.m
itre.oval%3Adef%3A9741
* SECUNIA:25169
* [74]URL:http://secunia.com/advisories/25169
* SECUNIA:25198
* [75]URL:http://secunia.com/advisories/25198
* SECUNIA:25255
* [76]URL:http://secunia.com/advisories/25255
* SECUNIA:25550
* [77]URL:http://secunia.com/advisories/25550
* TRUSTIX:2007-0017
* URL:[DEL: http://www.trustix.org/errata/2007/0017/ :DEL] (Obsolete source -
[78]check if archived by the Wayback Machine)
* UBUNTU:USN-457-1
* [79]URL:http://www.ubuntu.com/usn/usn-457-1
* VUPEN:ADV-2007-1686
* URL:[DEL: http://www.vupen.com/english/advisories/2007/1686 :DEL] (Obsolete
source)
Assigning CNA
MITRE Corporation
Date Record Created
20070413 Disclaimer: The [80]record creation date may reflect when the CVE ID was
allocated or reserved, and does not necessarily indicate when this vulnerability
was discovered, shared with the affected vendor, publicly disclosed, or updated
in CVE.
Phase (Legacy)
Assigned (20070413)
Votes (Legacy)
Comments (Legacy)
Proposed (Legacy)
N/A
This is an record on the [81]CVE List, which provides common identifiers for
publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: ____________________ Submit
You can also search by reference using the [82]CVE Reference Maps.
For More Information: [83]CVE Request Web Form (select "Other" from dropdown)
[84]Back to top
[85]Site Map | [86]Terms of Use | [87]Privacy Policy | [88]Contact Us | Follow
CVE [89]Twitter [90]LinkedIn [91]GitHub [92]YouTube [93]Medium [94]Search
CVE Website
Use of the CVE® List and the associated references from this website are subject
to the [95]terms of use. CVE is sponsored by the [96]U.S. Department of Homeland
Security (DHS) [97]Cybersecurity and Infrastructure Security Agency (CISA).
Copyright © 1999-2024, [98]The MITRE Corporation. CVE and the CVE logo are
registered trademarks of The MITRE Corporation.
References
Visible links:
1. https://cve.mitre.org/index.html
2. https://www.cve.org/
3. https://cve.mitre.org/cve/search_cve_list.html
4. https://cve.mitre.org/find/search_tips.html
5. https://cveform.mitre.org/
6. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_form
7. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_formweb_form_encrypt_requests
8. https://www.cve.org/ResourcesSupport/Resources
9. https://www.cve.org/Legal/TermsOfUse
10. https://www.cve.org/ProgramOrganization/CNAs
11. https://www.cve.org/ProgramOrganization/CNAs
12. https://www.cve.org/PartnerInformation/ListofPartners
13. https://www.cve.org/ResourcesSupport/Resources#CVENumberingAuthorities
14. https://www.cve.org/ResourcesSupport/AllResources/CNARules
15. https://www.cve.org/PartnerInformation/Partner#CNA
16. https://www.cve.org/ResourcesSupport/Resources#cnaOnboarding
17. https://www.cve.org/PartnerInformation/Partner#HowToBecomeAPartner
18. https://www.cve.org/ProgramOrganization/WorkingGroups
19. https://www.cve.org/ProgramOrganization/WorkingGroups
20. https://www.cve.org/ProgramOrganization/WorkingGroups#AutomationWorkingGroupAWG
21. https://www.cve.org/ProgramOrganization/WorkingGroups#CNACoordinationWorkingGroupCNACWG
22. https://www.cve.org/ProgramOrganization/WorkingGroups#OutreachandCommunicationsWorkingGroupOCWG
23. https://www.cve.org/ProgramOrganization/WorkingGroups#QualityWorkingGroupQWG
24. https://www.cve.org/ProgramOrganization/WorkingGroups#StrategicPlanningWorkingGroupSPWG
25. https://www.cve.org/ProgramOrganization/WorkingGroups#TacticalWorkingGroup
26. https://www.cve.org/ProgramOrganization/Board
27. https://www.cve.org/ProgramOrganization/Board
28. https://www.cve.org/ProgramOrganization/Board#Members
29. https://cve.mitre.org/community/board/archive.html#board_mail_list_archive
30. https://cve.mitre.org/community/board/archive.html#meeting_summaries
31. https://www.cve.org/ProgramOrganization/Board#Resources
32. https://www.cve.org/About/Overview
33. https://www.cve.org/About/Overview
34. https://www.cve.org/ResourcesSupport/AllResources/ProfessionalCodeOfConduct
35. https://www.cve.org/ResourcesSupport/FAQs#pc_introcve_nvd_relationship
36. https://www.cve.org/About/History
37. https://www.cve.org/ResourcesSupport/FAQs#pc_introwho_owns_cve
38. https://www.cve.org/ResourcesSupport/Resources
39. https://www.cve.org/ResourcesSupport/FAQs
40. https://www.cve.org/ResourcesSupport/Glossary
41. https://www.cve.org/Media/News/AllNews
42. https://www.cve.org/Media/News/AllNews
43. https://www.cve.org/Media/News/Blogs
44. https://www.cve.org/Media/News/Podcasts
45. https://www.cve.org/Media/Events
46. https://cve.mitre.org/news/archives/index.html
47. https://cve.mitre.org/cve/data_feeds.html
48. https://www.cve.org/Media/News/NewsletterSignup
49. https://twitter.com/CVEnew/
50. https://twitter.com/CVEannounce/
51. https://medium.com/@CVE_Program
52. https://www.linkedin.com/company/cve-program
53. https://github.com/CVEProject
54. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
55. https://cve.mitre.org/cve/search_cve_list.html
56. https://www.cve.org/Downloads
57. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_list_basicscve_list_data_feeds
58. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#UpdateCVERecord
59. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#RequestCVEID
60. https://www.cve.org/
61. https://www.cve.org/
62. https://www.cve.org/Media/News/item/blog/2022/10/06/CVE-Records-Are-Now-Displayed
63. https://medium.com/@cve_program/phase-3-of-legacy-cve-download-formats-deprecation-now-underway-15c27faa4456
64. https://www.cve.org/Media/News/item/blog/2023/03/29/CVE-Downloads-in-JSON-5-Format
65. https://cve.mitre.org/
66. https://cve.mitre.org/cve/
67. https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2027
68. https://cve.mitre.org/data/refs/index.html
69. http://www.securityfocus.com/bid/23844
70. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417789
71. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235411
72. http://security.gentoo.org/glsa/glsa-200706-03.xml
73. https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9741
74. http://secunia.com/advisories/25169
75. http://secunia.com/advisories/25198
76. http://secunia.com/advisories/25255
77. http://secunia.com/advisories/25550
78. https://web.archive.org/web/*/http://www.trustix.org/errata/2007/0017/
79. http://www.ubuntu.com/usn/usn-457-1
80. https://cve.mitre.org/about/faqs.html#date_record_created_in_cve_record
81. https://cve.mitre.org/cve/
82. https://cve.mitre.org/data/refs/index.html
83. https://cveform.mitre.org/
84. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2027#top
85. https://cve.mitre.org/sitemap.html
86. https://www.cve.org/Legal/TermsOfUse
87. https://www.cve.org/Legal/PrivacyPolicy
88. https://cveform.mitre.org/
89. https://twitter.com/CVEnew/
90. https://www.linkedin.com/company/cve-program
91. https://github.com/CVEProject
92. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
93. https://medium.com/@cve_program
94. https://cve.mitre.org/find/index.html
95. https://cve.mitre.org/about/termsofuse.html
96. https://www.dhs.gov/
97. https://www.dhs.gov/cisa/cybersecurity-division/
98. https://www.mitre.org/
Hidden links:
100. https://cve.mitre.org/index.html
Usage: http://www.kk-software.de/kklynxview/get/URL
e.g. http://www.kk-software.de/kklynxview/get/http://www.kk-software.de
Errormessages are in German, sorry ;-)