Lucene search

[email protected]CVE-2007-1685

HistoryJun 08, 2007 - 8:30 p.m.

CVE-2007-1685

2007-06-0820:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1685

buffer overflow

bluecoat k9

web protection

denial of service

remote attack

http get request

nvd

8.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.238 Low

EPSS

Percentile

96.6%

JSON

Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372.

CPENameOperatorVersion
bluecoat:k9_web_protectionbluecoat k9 web protectioneq3.2.36

CPE	Name	Operator	Version
bluecoat:k9_web_protection	bluecoat k9 web protection	eq	3.2.36

References

archives.neohapsis.com/archives/fulldisclosure/2007-06/0190.html

lists.grok.org.uk/pipermail/full-disclosure/2007-June/063848.html

osvdb.org/37186

secunia.com/advisories/25593

www.csis.dk/dk/forside/Bluecoat-k9.pdf

www.kb.cert.org/vuls/id/271601

www.securityfocus.com/archive/1/470836/100/0/threaded

www.securityfocus.com/bid/24373

www.securitytracker.com/id?1018210

www.vupen.com/english/advisories/2007/2104

exchange.xforce.ibmcloud.com/vulnerabilities/34773

8.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.238 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2007-1685

prion2 cvelist1 cve1