CVE-2007-5580

2007-12-1501:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2007

5580

buffer overflow

cisco security agent

smb

tcp

nvd

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.179 Low

EPSS

Percentile

96.1%

JSON

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.

CPENameOperatorVersion
cisco:security_agentcisco security agenteq4.5.1.639
cisco:security_agentcisco security agenteq4.5.1
cisco:security_agentcisco security agenteq5.1
cisco:security_agentcisco security agenteq4.5.1.659
cisco:security_agentcisco security agenteq5.0.193
cisco:security_agentcisco security agenteq4.0.3.728
cisco:security_agentcisco security agenteq5.0
cisco:security_agentcisco security agenteq4.0.3
cisco:security_agentcisco security agenteq5.0.0.201
cisco:security_agentcisco security agenteq5.2

CPE	Name	Operator	Version
cisco:security_agent	cisco security agent	eq	4.5.1.639
cisco:security_agent	cisco security agent	eq	4.5.1
cisco:security_agent	cisco security agent	eq	5.1
cisco:security_agent	cisco security agent	eq	4.5.1.659
cisco:security_agent	cisco security agent	eq	5.0.193
cisco:security_agent	cisco security agent	eq	4.0.3.728
cisco:security_agent	cisco security agent	eq	5.0
cisco:security_agent	cisco security agent	eq	4.0.3
cisco:security_agent	cisco security agent	eq	5.0.0.201
cisco:security_agent	cisco security agent	eq	5.2