CVE-2007-6273
First published: Fri Dec 07 2007(Updated: )
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sonicwall Global Vpn Client | =3.1.556 | |
| Sonicwall Global Vpn Client | =4.0.0.810 | |
| SonicWALL GLobal VPN Client | =3.1.556 | |
| SonicWALL GLobal VPN Client | =4.0.0.810 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/references
- agent/last-modified-date
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall global vpn client
- version/sonicwall global vpn client/3.1.556
- version/sonicwall global vpn client/4.0.0.810