CVE-2007-0148

N/A Unknown

Published: January 09, 2007 Modified: April 23, 2026

Description

Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the Javascript alert function.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://blog.omnigroup.com/2007/01/07/omniweb-552-now-available-and-more-secure/

Source: cve@mitre.org

http://osvdb.org/31222

Source: cve@mitre.org

http://projects.info-pull.com/moab/MOAB-07-01-2007.html

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/23624

Source: cve@mitre.org

Patch Vendor Advisory

http://www.digitalmunition.com/DMA%5B2007-0107a%5D.txt

Source: cve@mitre.org

http://www.omnigroup.com/applications/omniweb/releasenotes/

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/456578/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/21911

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0075

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/31324

Source: cve@mitre.org

https://www.exploit-db.com/exploits/3098

Source: cve@mitre.org

http://blog.omnigroup.com/2007/01/07/omniweb-552-now-available-and-more-secure/