CVE-2007-0447

2007-10-0521:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-0447

symantec

buffer overflow

decomposer component

nvd

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.182 Low

EPSS

Percentile

96.1%

JSON

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

CPENameOperatorVersion
symantec:mail_securitysymantec mail securityeq4.0
symantec:client_securitysymantec client securityeq3.0
symantec:norton_antivirussymantec norton antiviruseq10.0.2.2011
symantec:norton_antivirussymantec norton antiviruseq2004
symantec:norton_internet_securitysymantec norton internet securityeq2006
symantec:norton_internet_securitysymantec norton internet securityeq2004
symantec:antivirus_scan_enginesymantec antivirus scan engineeq5.0
symantec:norton_antivirussymantec norton antiviruseq9.0.1.1.1000
symantec:web_securitysymantec web securityeq3.0.1_build_3.01.74
symantec:norton_antivirussymantec norton antiviruseq10.0.2.2001

CPE	Name	Operator	Version
symantec:mail_security	symantec mail security	eq	4.0
symantec:client_security	symantec client security	eq	3.0
symantec:norton_antivirus	symantec norton antivirus	eq	10.0.2.2011
symantec:norton_antivirus	symantec norton antivirus	eq	2004
symantec:norton_internet_security	symantec norton internet security	eq	2006
symantec:norton_internet_security	symantec norton internet security	eq	2004
symantec:antivirus_scan_engine	symantec antivirus scan engine	eq	5.0
symantec:norton_antivirus	symantec norton antivirus	eq	9.0.1.1.1000
symantec:web_security	symantec web security	eq	3.0.1_build_3.01.74
symantec:norton_antivirus	symantec norton antivirus	eq	10.0.2.2001