Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv2

CVE-2007-2027

Published: 13/04/2007 Updated: 11/10/2017
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 445
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Elinks

Vulnerability Summary

Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks.

Vulnerable Product Search on Vulmon Subscribe to Product

elinks elinks 0.11.1

Vendor Advisories

Ubuntu Security Notice: elinks vulnerability
Arnaud Giersch discovered that elinks incorrectly attempted to load gettext catalogs from a relative path If a user were tricked into running elinks from a specific directory, a local attacker could execute code with user privileges ...
Debian CVElist Bug Report Logs: elinks: crashes on a specially crafted page
Debian Bug report logs - #380347 elinks: crashes on a specially crafted page Package: elinks; Maintainer for elinks is أحمد المحمودي (Ahmed El-Mahmoudy) <aelmahmoudy@userssourceforgenet>; Source for elinks is src:elinks (PTS, buildd, popcon) Reported by: Jakub Wilk <ubanus@userssfnet> Date: Sat, 29 Ju ...
Debian CVElist Bug Report Logs: elinks: elinks uses untrusted gettext catalog
Debian Bug report logs - #417789 elinks: elinks uses untrusted gettext catalog Package: elinks; Maintainer for elinks is أحمد المحمودي (Ahmed El-Mahmoudy) <aelmahmoudy@userssourceforgenet>; Source for elinks is src:elinks (PTS, buildd, popcon) Reported by: Arnaud Giersch <arnaudgiersch@iut-bmuniv-fcomtefr ...

Exploits

Exploit DB: ELinks Relative 0.10.6/011.1 - Path Arbitrary Code Execution
source: wwwsecurityfocuscom/bid/23844/info ELinks is prone to an arbitrary code-execution vulnerability An attacker can exploit this issue to potentially execute arbitrary code with the privileges of the user running the affected application This issue requires an attacker to trick an unsuspecting victim into running the vulnerable ap ...

References

CWE-134https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235411http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417789http://www.ubuntu.com/usn/usn-457-1http://www.securityfocus.com/bid/23844http://secunia.com/advisories/25169http://secunia.com/advisories/25198http://www.trustix.org/errata/2007/0017/http://secunia.com/advisories/25255http://security.gentoo.org/glsa/glsa-200706-03.xmlhttp://secunia.com/advisories/25550http://osvdb.org/35668http://www.vupen.com/english/advisories/2007/1686https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9741https://usn.ubuntu.com/457-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/29954/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook