CVE-2007-5561 - CVE Reference - Advisories

CVE Reference: CVE-2007-5561

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5561

Description: Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. NOTE: this might be the same issue as CVE-2007-0282 or CVE-2007-0280, but there are insufficient details to be sure.

CVE Status: Candidate

References: MISC http://www.irmplc.com/index.php/111-Vendor-Alerts http://www.irmplc.com/index.php/142-Advisory-021 http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	phpJobScheduler "installed_conf ig_file" File Inclusion Vulnerabilities

2.	HP TCP/IP Services for OpenVMS Finger Format String Vulnerability

3.	Sun Solaris Kernel Covert Channel Security Bypass

4.	OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability

5.	dotProject SQL Injection and Cross-Site Scripting

6.	Novell eDirectory Multiple Vulnerabilities

7.	Acoustica Mixcraft ".mx4" File Processing Buffer Overflow

8.	Adium MSN SLP Message Integer Overflow Vulnerabilities

9.	Blogn Cross-Site Scripting and Cross-Site Request Forgery

10.	GpsDrive "geo-code" Insecure Temporary Files