How severe is CVE-2007-5825?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2007-5825?

This is classified as CWE-134, which is a common weakness in software security.

CVE-2007-5825

HIGH Year: 2007

CVSS v2 Score

7.5

High

Weakness Type

CWE-134

View all →

Vulnerability Description

Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.

CVE-2010-3438

CRITICAL

CVSS:9.8(Critical)

libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'priv...

CWE-1342010

CVE-2012-0824

CRITICAL

CVSS:9.8(Critical)

gnusound 0.7.5 has format string issue

CWE-1342012

CVE-2015-7271

CRITICAL

CVSS:9.8(Critical)

Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo.

CWE-1342015

CVE-2015-8617

CRITICAL

CVSS:9.8(Critical)

Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a s...

CWE-1342015