CVE-2007-3841 - Vulnerability Details - OpenCVE

Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pidgin	Pidgin

Configuration 1 [-]

cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/24904
http://www.wslabi.com/wabisabilabi/initPublishedBid.do?

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-17T22:00:00Z

Updated: 2024-09-17T03:48:22.596Z

Reserved: 2007-07-17T00:00:00Z

Link: CVE-2007-3841

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-07-17T22:30:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-3841

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-07-17T22:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "24904", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24904"}, {"tags": ["x_refsource_MISC"], "url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3841", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "24904", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24904"}, {"name": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?", "refsource": "MISC", "url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:28:52.518Z"}, "title": "CVE Program Container", "references": [{"name": "24904", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24904"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3841", "datePublished": "2007-07-17T22:00:00Z", "dateReserved": "2007-07-17T00:00:00Z", "dateUpdated": "2024-09-17T03:48:22.596Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*", "matchCriteriaId": "5C5B2A50-6734-4B64-AFD0-DB34C3BDA86F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."}, {"lang": "es", "value": "Vulnerabilida no especificada en Pidgin (formalmente Gaim) 2.0.2 para Linux permite a usuarios remotos validados, quienes son listados en una lista de usuarios, ejecutar ciertos comandos a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como ZD-00000035. NOTA: esta informaci\u00f3n esta basada en sobre un asesoriamiento impreciso por una informaci\u00f3n de la vulnerabilidad de una organizaci\u00f3n de ventas que no se coordino con los vendedores o avisos publicados. Un CVE se ha asignado para los prop\u00f3sitos que segu\u00eda, pero los duplicados con otros CVEs son dif\u00edciles de determinarse."}], "id": "CVE-2007-3841", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-07-17T22:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24904"}, {"source": "cve@mitre.org", "url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24904"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}