Vulnerabilities > CVE-2007-0148 - Unspecified vulnerability in Omnigroup Omniweb 5.5.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the Javascript alert function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | OmniWeb 5.5.1 Javascript alert() Remote Format String PoC. CVE-2007-0148. Dos exploit for osx platform |
file | exploits/osx/dos/3098.html |
id | EDB-ID:3098 |
last seen | 2016-01-31 |
modified | 2007-01-07 |
platform | osx |
port | |
published | 2007-01-07 |
reporter | MoAB |
source | https://www.exploit-db.com/download/3098/ |
title | OmniWeb 5.5.1 Javascript alert Remote Format String PoC |
type | dos |
References
- http://blog.omnigroup.com/2007/01/07/omniweb-552-now-available-and-more-secure/
- http://osvdb.org/31222
- http://projects.info-pull.com/moab/MOAB-07-01-2007.html
- http://secunia.com/advisories/23624
- http://www.digitalmunition.com/DMA%5B2007-0107a%5D.txt
- http://www.omnigroup.com/applications/omniweb/releasenotes/
- http://www.securityfocus.com/archive/1/456578/100/0/threaded
- http://www.securityfocus.com/bid/21911
- http://www.vupen.com/english/advisories/2007/0075
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31324
- https://www.exploit-db.com/exploits/3098