Vulnerabilities > CVE-2007-3815 - Unspecified vulnerability in Republike Slovenije Pirs 2007
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in pirs32.exe in Poslovni informator Republike Slovenije (PIRS) 2007 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long search string in certain fields in the GUI. NOTE: this may cross privilege boundaries if PIRS is used by data-entry workers who do not have full access to the underlying Windows environment.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064627.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064627.html
- http://osvdb.org/38697
- http://osvdb.org/38697
- http://securityreason.com/securityalert/2898
- http://securityreason.com/securityalert/2898
- http://www.pirs.si/slo/index.php?dep_id=29&help_id=60
- http://www.pirs.si/slo/index.php?dep_id=29&help_id=60
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35388
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35388