Vulnerability Description
Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netbsd | Netbsd | 3.0 |
References
- http://kernelwars.blogspot.com/2007/01/alive.htmlVendor Advisory
- http://osvdb.org/34593
- http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#ErikssonVendor Advisory
- http://www.securityfocus.com/bid/22945
- http://kernelwars.blogspot.com/2007/01/alive.htmlVendor Advisory
- http://osvdb.org/34593
- http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#ErikssonVendor Advisory
- http://www.securityfocus.com/bid/22945
FAQ
What is CVE-2007-1523?
CVE-2007-1523 is a vulnerability with a CVSS score of 7.5 (HIGH). Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: t...
How severe is CVE-2007-1523?
CVE-2007-1523 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1523?
Check the references section above for vendor advisories and patch information. Affected products include: Netbsd Netbsd.