Lucene search

[email protected]CVE-2007-2514

HistoryJun 06, 2007 - 10:30 a.m.

CVE-2007-2514

2007-06-0610:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2514

stack-based buffer overflow

xferwan.exe

remote code execution

symantec discovery

numara asset manager

centennial uk ltd discovery

8.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.021 Low

EPSS

Percentile

89.1%

JSON

Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.

CPENameOperatorVersion
numara:asset_managernumara asset managereq8.0
symantec:discoverysymantec discoveryeq6.5
centennial:discoverycentennial discoveryeq2006_featurepack1

CPE	Name	Operator	Version
numara:asset_manager	numara asset manager	eq	8.0
symantec:discovery	symantec discovery	eq	6.5
centennial:discovery	centennial discovery	eq	2006_featurepack1

References

dvlabs.tippingpoint.com/advisory/TPTI-07-10

osvdb.org/42059

securityreason.com/securityalert/2785

www.securityfocus.com/archive/1/470563/100/0/threaded

www.securityfocus.com/bid/24317

www.securitytracker.com/id?1018191

exchange.xforce.ibmcloud.com/vulnerabilities/34723

8.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for CVE-2007-2514

prion2 securityvulns2 checkpoint_advisories1 cve1