Lucene search

[email protected]CVE-2007-2957

HistoryOct 31, 2007 - 10:46 p.m.

CVE-2007-2957

2007-10-3122:46:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2007-2957

mcafee

e-business server

integer overflow

remote code execution

heap-based buffer overflow

nvd

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.071 Low

EPSS

Percentile

94.0%

JSON

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow.

CPENameOperatorVersion
mcafee:e-business_servermcafee e-business serverle8.1.1
mcafee:e-business_servermcafee e-business serverle8.5.2

CPE	Name	Operator	Version
mcafee:e-business_server	mcafee e-business server	le	8.1.1
mcafee:e-business_server	mcafee e-business server	le	8.5.2

References

secunia.com/advisories/26372

secunia.com/secunia_research/2007-69/advisory/

securitytracker.com/id?1018878

www.securityfocus.com/bid/26269

www.vupen.com/english/advisories/2007/3663

exchange.xforce.ibmcloud.com/vulnerabilities/38175

knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=614035&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=614035

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.071 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2007-2957

seebug1 securityvulns2 cvelist1 prion1