CVE-2007-4397
Published Aug 18, 2007
Last updated 6 years ago
Overview
- Description
- Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irssi:irssi:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F2EB305-021F-4372-BC4C-8908BCE8AD49",
"versionEndIncluding": "0.8.10rc5"
},
{
"criteria": "cpe:2.3:a:kristof_korwisi:ixmmsa:0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59D9A2F7-D84E-4BC7-A0B3-B57B6B484C6F"
},
{
"criteria": "cpe:2.3:a:mikachu:l33t_xmms_music_showing_script:2.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CC8728E-B801-40DE-9EE1-65F5E1DFECDB"
},
{
"criteria": "cpe:2.3:a:ricardo_mesquita:mpg123:0.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "003F9C42-06E0-42D1-81EE-02DB3D6A75D5"
},
{
"criteria": "cpe:2.3:a:ricardo_mesquita:ogg123:0.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E42D92F4-1AEE-42E2-B600-9EC9A1199F6B"
},
{
"criteria": "cpe:2.3:a:simon:xmms2:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8AAE787-7F3A-4098-A001-F3BA2E32E9E2"
},
{
"criteria": "cpe:2.3:a:tuomas_jormola:xmmsinfo:1.1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AE4C773-1512-45FC-905D-D72C64CD21E2"
}
],
"operator": "OR"
}
]
}
]