CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-0368

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0330%
EPSS Percentile21.09th
Published2007年1月19日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.

Affected Platforms (CPE)

📦
Michiel Broek

Mbse Bbs

= 0.33.17
📦
Michiel Broek

Mbse Bbs

= 0.33.18
📦
Michiel Broek

Mbse Bbs

= 0.33.19
📦
Michiel Broek

Mbse Bbs

= 0.33.20
📦
Michiel Broek

Mbse Bbs

= 0.35.7
📦
Michiel Broek

Mbse Bbs

= 0.36
📦
Michiel Broek

Mbse Bbs

= 0.38
📦
Michiel Broek

Mbse Bbs

= 0.60
📦
Michiel Broek

Mbse Bbs

= 0.70

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051859.html
🔗 http://www.mbse.eu/mbse/mbsebbs/index.html
🔗 http://www.securityfocus.com/bid/22112
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/31639
🔗 https://www.exploit-db.com/exploits/3154
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051859.html
🔗 http://www.mbse.eu/mbse/mbsebbs/index.html
🔗 http://www.securityfocus.com/bid/22112

相关漏洞威胁

CVE-2007-023610.0

Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attacker...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-025410.0

Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code...