{"api_version":"1","generated_at":"2026-04-23T02:36:15+00:00","cve":"CVE-2007-5007","urls":{"html":"https://cve.report/CVE-2007-5007","api":"https://cve.report/api/cve/CVE-2007-5007.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5007","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5007"},"summary":{"title":"CVE-2007-5007","description":"Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-12-12 22:10:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.vupen.com/english/advisories/2007/3263","name":"http://www.vupen.com/english/advisories/2007/3263","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/40585","name":"http://osvdb.org/40585","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.novell.com/linux/security/advisories/2007_19_sr.html","name":"http://www.novell.com/linux/security/advisories/2007_19_sr.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Security Announcement","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://secunia.com/advisories/27272","name":"http://secunia.com/advisories/27272","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Gentoo update for balsa - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=297581","name":"https://bugzilla.redhat.com/show_bug.cgi?id=297581","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"297581 – (CVE-2007-5007) CVE-2007-5007 balsa: IMAP server triggerred stack overflow","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/26947","name":"http://secunia.com/advisories/26947","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Balsa \"ir_fetch_seq()\" Buffer Overflow Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml","name":"http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Gentoo Linux Documentation\n--\n  Balsa: Buffer overflow","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/25777","name":"http://www.securityfocus.com/bid/25777","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Balsa Fetch Command Remote Stack Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://bugs.gentoo.org/show_bug.cgi?id=193179","name":"http://bugs.gentoo.org/show_bug.cgi?id=193179","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"Gentoo Bug 193179 - mail-client/balsa < 2.3.20 ir_fetch_seq() Stack-based buffer overflow (CVE-2007-5007)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html","name":"http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"ANNOUNCE: balsa-2.3.20 released","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://bugzilla.gnome.org/show_bug.cgi?id=474366","name":"http://bugzilla.gnome.org/show_bug.cgi?id=474366","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Bug 474366 – buffer overflow in ir_fetch_seq()","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/26987","name":"http://secunia.com/advisories/26987","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"SUSE Update for Multiple Packages - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5007","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5007","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"1.1.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"1.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"1.4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.0.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.0.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.0.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.0.18","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.1.90","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.1.91","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.2.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.19","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5007","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"balsa","cpe6":"2.3.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2007-5007","organization":"Red Hat","lastmodified":"2008-01-09","contributor":"Mark J Cox","statementText":"Not vulnerable. This issue did not affect version of balsa as shipped with Red Hat Enterprise Linux 2.1.","cve_year":"2007","cve_id":"5007","crc32":"482b8c37"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:17:27.993Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://bugs.gentoo.org/show_bug.cgi?id=193179"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=297581"},{"name":"SUSE-SR:2007:019","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://www.novell.com/linux/security/advisories/2007_19_sr.html"},{"name":"25777","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/25777"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://bugzilla.gnome.org/show_bug.cgi?id=474366"},{"name":"26987","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26987"},{"name":"[ANNOUNCE] 20070907 balsa-2.3.20 released","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html"},{"name":"ADV-2007-3263","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3263"},{"name":"27272","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27272"},{"name":"40585","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/40585"},{"name":"GLSA-200710-17","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml"},{"name":"26947","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26947"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-09-20T00:00:00.000Z","descriptions":[{"lang":"en","value":"Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2007-09-28T09:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://bugs.gentoo.org/show_bug.cgi?id=193179"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=297581"},{"name":"SUSE-SR:2007:019","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://www.novell.com/linux/security/advisories/2007_19_sr.html"},{"name":"25777","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/25777"},{"tags":["x_refsource_CONFIRM"],"url":"http://bugzilla.gnome.org/show_bug.cgi?id=474366"},{"name":"26987","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26987"},{"name":"[ANNOUNCE] 20070907 balsa-2.3.20 released","tags":["mailing-list","x_refsource_MLIST"],"url":"http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html"},{"name":"ADV-2007-3263","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3263"},{"name":"27272","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27272"},{"name":"40585","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/40585"},{"name":"GLSA-200710-17","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml"},{"name":"26947","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26947"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5007","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://bugs.gentoo.org/show_bug.cgi?id=193179","refsource":"CONFIRM","url":"http://bugs.gentoo.org/show_bug.cgi?id=193179"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=297581","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=297581"},{"name":"SUSE-SR:2007:019","refsource":"SUSE","url":"http://www.novell.com/linux/security/advisories/2007_19_sr.html"},{"name":"25777","refsource":"BID","url":"http://www.securityfocus.com/bid/25777"},{"name":"http://bugzilla.gnome.org/show_bug.cgi?id=474366","refsource":"CONFIRM","url":"http://bugzilla.gnome.org/show_bug.cgi?id=474366"},{"name":"26987","refsource":"SECUNIA","url":"http://secunia.com/advisories/26987"},{"name":"[ANNOUNCE] 20070907 balsa-2.3.20 released","refsource":"MLIST","url":"http://mail.gnome.org/archives/balsa-list/2007-September/msg00010.html"},{"name":"ADV-2007-3263","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3263"},{"name":"27272","refsource":"SECUNIA","url":"http://secunia.com/advisories/27272"},{"name":"40585","refsource":"OSVDB","url":"http://osvdb.org/40585"},{"name":"GLSA-200710-17","refsource":"GENTOO","url":"http://www.gentoo.org/security/en/glsa/glsa-200710-17.xml"},{"name":"26947","refsource":"SECUNIA","url":"http://secunia.com/advisories/26947"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5007","datePublished":"2007-09-20T20:00:00.000Z","dateReserved":"2007-09-20T00:00:00.000Z","dateUpdated":"2024-08-07T15:17:27.993Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-12-12 22:10:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:1.1.7:*:*:*:*:*:*:*","matchCriteriaId":"950C09DA-EAEA-4DE7-8A5E-ED9E82C653F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:1.2.4:*:*:*:*:*:*:*","matchCriteriaId":"B1BCE579-53AC-4B05-9E33-ACDA345D5B6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:1.4:*:*:*:*:*:*:*","matchCriteriaId":"6C0E134F-93E3-4754-98A5-E6917853C99B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"3D0FCECC-E287-486D-A8C1-CA952F4FBC67"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.0.6:*:*:*:*:*:*:*","matchCriteriaId":"9EAE6454-3B98-4AC8-8C03-4943F168AEF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.0.10:*:*:*:*:*:*:*","matchCriteriaId":"91C14FE8-1596-4C1C-924D-D296EDB8FB9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.0.16:*:*:*:*:*:*:*","matchCriteriaId":"7225E52A-13A9-4283-8B00-D22C47358871"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.0.17:*:*:*:*:*:*:*","matchCriteriaId":"C7927268-514A-45C8-9A03-CF33426B2875"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.0.18:*:*:*:*:*:*:*","matchCriteriaId":"AFC7FF7A-856E-42BC-9129-A1B28F508EAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.1:*:*:*:*:*:*:*","matchCriteriaId":"871512E9-340D-4BC3-A2C0-5D160E6F4004"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"596A3E04-CB96-4DFE-AE7C-B506DD3C54D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"209D1628-7C99-4722-8038-B835BDE57B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.1.3:*:*:*:*:*:*:*","matchCriteriaId":"B8E8B391-160B-49E0-8505-AA0E625A792C"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.1.90:*:*:*:*:*:*:*","matchCriteriaId":"EB30197C-3991-469D-83E9-9EBE17BFA59F"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.1.91:*:*:*:*:*:*:*","matchCriteriaId":"C5BCD53C-61D5-49E2-8854-F8F8021DAA85"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2:*:*:*:*:*:*:*","matchCriteriaId":"FA6D9C1F-A67A-4E1F-B6BE-9F98F9998DDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2.1:*:*:*:*:*:*:*","matchCriteriaId":"6B88D420-12D1-4196-9B6C-3A6BD4F4371C"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2.2:*:*:*:*:*:*:*","matchCriteriaId":"4FDDFC9F-A654-4644-9E8C-6F5902BFC51B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2.3:*:*:*:*:*:*:*","matchCriteriaId":"EAFC41E5-6000-44B8-A7AC-426185E8FAB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2.4:*:*:*:*:*:*:*","matchCriteriaId":"38D0233D-CCFC-47C0-B4D6-5F5F91A6260A"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2.5:*:*:*:*:*:*:*","matchCriteriaId":"FBA69D3A-E357-4B2A-9E9C-2CADA91E45A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.2.6:*:*:*:*:*:*:*","matchCriteriaId":"9506DE3C-AD8D-4128-AA5A-1B72465B73AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3:*:*:*:*:*:*:*","matchCriteriaId":"E1A9132B-91DC-404D-A3CA-69457DB75A71"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"943CFC36-8856-4D8B-A7E5-DF1458769EBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.2:*:*:*:*:*:*:*","matchCriteriaId":"46DE94C8-F5D4-4D8C-AF9C-0290F24575AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.3:*:*:*:*:*:*:*","matchCriteriaId":"8B6C96C8-34EE-4C10-BB16-A093CB626FFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.4:*:*:*:*:*:*:*","matchCriteriaId":"B8C116A3-1F8B-4F6B-8056-0685C9DAF9CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.5:*:*:*:*:*:*:*","matchCriteriaId":"1134D391-A0CF-41AD-B871-423F1929BA58"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.6:*:*:*:*:*:*:*","matchCriteriaId":"50F69A80-C311-4840-AF70-ABDDB2D006EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.7:*:*:*:*:*:*:*","matchCriteriaId":"79156072-C833-4C7A-A07A-71DDC5BDCB4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.8:*:*:*:*:*:*:*","matchCriteriaId":"2BA4632D-4729-42A3-8778-C02F50D95C27"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.10:*:*:*:*:*:*:*","matchCriteriaId":"0F968DAE-A85A-483E-918F-45DA7CD5C0E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.11:*:*:*:*:*:*:*","matchCriteriaId":"6730AE89-6168-47FA-8C3C-8A54A8CF0790"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.12:*:*:*:*:*:*:*","matchCriteriaId":"61899224-39E2-485A-BD02-D0F596D0C3B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.13:*:*:*:*:*:*:*","matchCriteriaId":"0A3C98B1-04E7-4FB9-BBCA-A0CAC5C85453"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.14:*:*:*:*:*:*:*","matchCriteriaId":"850D4CD2-1F1F-43B7-8DD0-00985F059637"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.15:*:*:*:*:*:*:*","matchCriteriaId":"9A426AAD-E53A-4BCF-ADA2-A25215F36EA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.16:*:*:*:*:*:*:*","matchCriteriaId":"6A81A463-B9DF-4626-BA1F-0386D77A3BC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.17:*:*:*:*:*:*:*","matchCriteriaId":"BDDA6B44-CB69-47FA-AC29-1A5D7BA14080"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:balsa:2.3.19:*:*:*:*:*:*:*","matchCriteriaId":"401E38DB-D54C-49B0-93B6-2DDE6FA93F6E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5007","Ordinal":"1","Title":"CVE-2007-5007","CVE":"CVE-2007-5007","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5007","Ordinal":"1","NoteData":"Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.","Type":"Description","Title":"CVE-2007-5007"},{"CveYear":"2007","CveId":"5007","Ordinal":"2","NoteData":"2007-09-20","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5007","Ordinal":"3","NoteData":"2007-09-28","Type":"Other","Title":"Modified"}]}}}