Lucene search

[email protected]CVE-2007-3911

HistoryJul 30, 2007 - 5:30 p.m.

CVE-2007-3911

2007-07-3017:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-3911

security vulnerability

bakbone netvault reporter 3.5

buffer overflow

remote code execution

nvd

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.627 Medium

EPSS

Percentile

97.8%

JSON

Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests.

CPENameOperatorVersion
bakbone:netvault_reporterbakbone netvault reporterle3.5update3

CPE	Name	Operator	Version
bakbone:netvault_reporter	bakbone netvault reporter	le	3.5update3

References

secunia.com/advisories/26222

securityreason.com/securityalert/2954

www.securityfocus.com/archive/1/474626/100/0/threaded

www.securityfocus.com/bid/25068

www.securitytracker.com/id?1018460

www.vupen.com/english/advisories/2007/2658

www.zerodayinitiative.com/advisories/ZDI-07-044.html

exchange.xforce.ibmcloud.com/vulnerabilities/35588

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.627 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2007-3911

securityvulns2 zdi1 nessus1 prion1