CVE-2011-4930 in Condorinfo

Summary

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

12/23/2011

Disclosure

02/10/2014

Moderation

VulDB entry created

Entries

VDB-69275 (1)

CPE

ready

CWE

CWE-134 (Confirmed)

CVSS

5.9

EPSS

0.00098

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4930
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4930
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4930/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!