Lucene search

[email protected]CVE-2007-2137

HistoryApr 22, 2007 - 7:19 p.m.

CVE-2007-2137

2007-04-2219:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2137

buffer overflow

kde.dll

ibm tivoli monitoring express

arbitrary code execution

tcp port

nvd

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.909 High

EPSS

Percentile

98.8%

JSON

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.

CPENameOperatorVersion
ibm:tivoli_monitoring_expressibm tivoli monitoring expresseq6.1.0

CPE	Name	Operator	Version
ibm:tivoli_monitoring_express	ibm tivoli monitoring express	eq	6.1.0

References

secunia.com/advisories/24938

securityreason.com/securityalert/2597

www-1.ibm.com/support/docview.wss?uid=swg24012341

www.securityfocus.com/archive/1/466216/100/0/threaded

www.securityfocus.com/bid/23558

www.securitytracker.com/id?1017933

www.vupen.com/english/advisories/2007/1456

www.zerodayinitiative.com/advisories/ZDI-07-018.html

exchange.xforce.ibmcloud.com/vulnerabilities/33746

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.909 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2007-2137

securityvulns2 checkpoint_advisories2 prion1 zdi1