CVE-2007-2522

2007-05-1104:20:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-2522

buffer overflow

ca anti-virus

remote code execution

security vulnerability

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.955 High

EPSS

Percentile

99.4%

JSON

Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

CPENameOperatorVersion
broadcom:antispyware_for_the_enterprisebroadcom antispyware for the enterpriseeq8.0
broadcom:etrust_integrated_threat_managementbroadcom etrust integrated threat managementeq8.0
broadcom:etrust_pestpatrolbroadcom etrust pestpatroleq8.0

CPE	Name	Operator	Version
broadcom:antispyware_for_the_enterprise	broadcom antispyware for the enterprise	eq	8.0
broadcom:etrust_integrated_threat_management	broadcom etrust integrated threat management	eq	8.0
broadcom:etrust_pestpatrol	broadcom etrust pestpatrol	eq	8.0