CVE-2007-2514

Sažetak

Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.

Reference

http://dvlabs.tippingpoint.com/advisory/TPTI-07-10
http://osvdb.org/42059
http://securityreason.com/securityalert/2785
http://www.securityfocus.com/archive/1/470563/100/0/threaded
http://www.securityfocus.com/bid/24317
http://www.securitytracker.com/id?1018191
https://exchange.xforce.ibmcloud.com/vulnerabilities/34723

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

16-10-2018 - 16:44

Objavljeno

06-06-2007 - 10:30