Search for vulnerabilities
Vulnerability details: VCID-q6pb-d7p5-aaah
Vulnerability ID VCID-q6pb-d7p5-aaah
Aliases CVE-2007-5971
Summary Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2008:0164
rhas Critical https://access.redhat.com/errata/RHSA-2008:0180
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2007-5971
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=415351
cvssv2 6.9 https://nvd.nist.gov/vuln/detail/CVE-2007-5971
Reference id Reference type URL
http://bugs.gentoo.org/show_bug.cgi?id=199212
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://osvdb.org/43345
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5971.json
https://api.first.org/data/v1/epss?cve=CVE-2007-5971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
http://seclists.org/fulldisclosure/2007/Dec/0176.html
http://seclists.org/fulldisclosure/2007/Dec/0321.html
http://secunia.com/advisories/28636
http://secunia.com/advisories/29420
http://secunia.com/advisories/29450
http://secunia.com/advisories/29451
http://secunia.com/advisories/29457
http://secunia.com/advisories/29462
http://secunia.com/advisories/29464
http://secunia.com/advisories/29516
http://secunia.com/advisories/39290
http://secunia.com/advisories/39784
http://security.gentoo.org/glsa/glsa-200803-31.xml
https://issues.rpath.com/browse/RPL-2012
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10296
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html
http://ubuntu.com/usn/usn-924-1
http://wiki.rpath.com/Advisories:rPSA-2008-0112
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
http://www.mandriva.com/security/advisories?name=MDVSA-2008:069
http://www.mandriva.com/security/advisories?name=MDVSA-2008:070
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
http://www.redhat.com/support/errata/RHSA-2008-0164.html
http://www.redhat.com/support/errata/RHSA-2008-0180.html
http://www.securityfocus.com/archive/1/489883/100/0/threaded
http://www.securityfocus.com/bid/26750
http://www.ubuntu.com/usn/USN-940-1
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2010/1192
415351 https://bugzilla.redhat.com/show_bug.cgi?id=415351
454974 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
CVE-2007-5971 https://nvd.nist.gov/vuln/detail/CVE-2007-5971
GLSA-200803-31 https://security.gentoo.org/glsa/200803-31
RHSA-2008:0164 https://access.redhat.com/errata/RHSA-2008:0164
RHSA-2008:0180 https://access.redhat.com/errata/RHSA-2008:0180
USN-924-1 https://usn.ubuntu.com/924-1/
USN-940-1 https://usn.ubuntu.com/940-1/
No exploits are available.
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2007-5971
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.12852
EPSS Score 0.00051
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.