Lucene search

[email protected]CVE-2007-1578

HistoryMar 21, 2007 - 11:19 p.m.

CVE-2007-1578

2007-03-2123:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ntlm

integer signedness errors

atrium mercur imapd

cve-2007-1578

buffer overflow

security vulnerability

7.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.608 Medium

EPSS

Percentile

97.8%

JSON

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.

CPENameOperatorVersion
atrium_software:mercur_imapdatrium software mercur imapdeq5.00.14

CPE	Name	Operator	Version
atrium_software:mercur_imapd	atrium software mercur imapd	eq	5.00.14

References

archives.neohapsis.com/archives/fulldisclosure/2007-03/0280.html

secunia.com/advisories/24596

securitytracker.com/id?1017798

www.digit-labs.org/files/exploits/mercur-v1.pl

www.osvdb.org/33545

www.securityfocus.com/bid/23058

www.vupen.com/english/advisories/2007/1053

exchange.xforce.ibmcloud.com/vulnerabilities/33120

www.exploit-db.com/exploits/3527

7.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.608 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2007-1578

nessus1 saint4 checkpoint_advisories1 cvelist1 prion1 securityvulns1