Lucene search

[email protected]CVE-2007-1168

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2007-1168

2007-03-0221:18:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

trend micro

serverprotect

linux

splx

security vulnerability

cve-2007-1168

web interface

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.04 Low

EPSS

Percentile

92.0%

JSON

Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).

CPENameOperatorVersion
trend_micro:serverprotecttrend micro serverprotecteq2.5
trend_micro:serverprotecttrend micro serverprotecteq1.25_2007-02-16
trend_micro:serverprotecttrend micro serverprotecteq1.3

CPE	Name	Operator	Version
trend_micro:serverprotect	trend micro serverprotect	eq	2.5
trend_micro:serverprotect	trend micro serverprotect	eq	1.25_2007-02-16
trend_micro:serverprotect	trend micro serverprotect	eq	1.3

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=477

secunia.com/advisories/24264

securitytracker.com/id?1017685

www.securityfocus.com/bid/22662

www.trendmicro.com/download/product.asp?productid=20

www.vupen.com/english/advisories/2007/0691

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.04 Low

EPSS

Percentile

92.0%

JSON

Related for CVE-2007-1168

nessus1 prion1 securityvulns1