CVE-2007-4732

Published: Sep 6, 2007Modified: Apr 23, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

Affected (6)

Products: Sun: Solaris

Sun

1 product

Solaris

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Sun Solaris	Version 10.0
Sun Solaris	Version 10.0
Sun Solaris	Version 8.0
Sun Solaris	Version 8.0
Sun Solaris	Version 9.0
Sun Solaris	Version 9.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (20)

http://osvdb.org/37323

Source: cve@mitre.org

http://secunia.com/advisories/26528

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/26731

Source: cve@mitre.org

http://securitytracker.com/id?1018643

Source: cve@mitre.org

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103009-1

Source: cve@mitre.org

Patch

http://support.avaya.com/elmodocs2/security/ASA-2007-374.htm

Source: cve@mitre.org

http://www.securityfocus.com/bid/25510

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/3031

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/36379

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2173

Source: cve@mitre.org

http://osvdb.org/37323