cve-2007-5580

Vulnerability from cvelistv5

Published

2007-12-15 01:00

Modified

2024-08-07 15:39

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://osvdb.org/39521
ykramarz@cisco.com	http://secunia.com/advisories/27947	Vendor Advisory
ykramarz@cisco.com	http://securityreason.com/securityalert/3425
ykramarz@cisco.com	http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml
ykramarz@cisco.com	http://www.nsfocus.com/english/homepage/research/0702.htm
ykramarz@cisco.com	http://www.securityfocus.com/archive/1/484669/100/100/threaded
ykramarz@cisco.com	http://www.securityfocus.com/bid/26723
ykramarz@cisco.com	http://www.securitytracker.com/id?1019046
ykramarz@cisco.com	http://www.vupen.com/english/advisories/2007/4103
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39521
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27947	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3425
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.nsfocus.com/english/homepage/research/0702.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/484669/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26723
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019046
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4103

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3425"
          },
          {
            "name": "27947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27947"
          },
          {
            "name": "ADV-2007-4103",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4103"
          },
          {
            "name": "1019046",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019046"
          },
          {
            "name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
          },
          {
            "name": "39521",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39521"
          },
          {
            "name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
          },
          {
            "name": "26723",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26723"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "3425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3425"
        },
        {
          "name": "27947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27947"
        },
        {
          "name": "ADV-2007-4103",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4103"
        },
        {
          "name": "1019046",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019046"
        },
        {
          "name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
        },
        {
          "name": "39521",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39521"
        },
        {
          "name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
        },
        {
          "name": "26723",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26723"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2007-5580",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3425",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3425"
            },
            {
              "name": "27947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27947"
            },
            {
              "name": "ADV-2007-4103",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4103"
            },
            {
              "name": "1019046",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019046"
            },
            {
              "name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
            },
            {
              "name": "39521",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39521"
            },
            {
              "name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
            },
            {
              "name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618",
              "refsource": "CONFIRM",
              "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
            },
            {
              "name": "26723",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26723"
            },
            {
              "name": "http://www.nsfocus.com/english/homepage/research/0702.htm",
              "refsource": "MISC",
              "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2007-5580",
    "datePublished": "2007-12-15T01:00:00",
    "dateReserved": "2007-10-19T00:00:00",
    "dateUpdated": "2024-08-07T15:39:13.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31271A5A-61AE-486E-830B-FBDA557D802A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F15A5A49-D0DF-4E65-A86E-7B71E7BF0273\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1089218C-A480-49CF-A499-5ABDAD017B92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FA5B2E7-203D-4340-80C1-3CAF1A15A36C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"612862DD-0FEE-4FBE-8750-EFC7BA22E792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"845D746E-3269-4E43-836B-486331EC14EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.0.3.728:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90021BE3-85B4-46E5-BDC0-04A30B772063\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5562E755-E4A3-4656-859A-40757012BE89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84A1657D-BBC9-4CF5-8F5A-486FAC8B9489\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14F08C40-7A58-4B0B-A3A1-6F23DB113F22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.5.1.657:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92BCC996-7C45-479D-8952-00B079604CAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:4.5.1.659:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2AEBD5B-2EFD-465E-8108-24AB0CEB0892\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E171031D-51C1-41BB-96E4-DFFF0C36B74B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:5.0.0.201:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A691B7B-A8B1-41D5-A6F2-7521146F02AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:5.0.193:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80FC93FD-9A77-49AD-86CB-414B041F52F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6DD0915-7671-42CD-8DF3-0B685389C528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:5.1.79:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF1FE344-15E2-44B5-9346-253283CEBD3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:security_agent:5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"734B38F1-6FEC-4A94-B1C9-D076750A133F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.\"}, {\"lang\": \"es\", \"value\": \"Un desbordamiento de b\\u00fafer en un determinado controlador en Cisco Security Agent versiones 4.5.1 anteriores a 4.5.1.672, versiones 5.0 anteriores a 5.0.0.225, versiones 5.1 anteriores a 5.1.0.106, y versiones 5.2 anteriores a 5.2.0.238 en Windows, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de un paquete SMB especialmente dise\\u00f1ado en una sesi\\u00f3n TCP en el puerto (1) 139 o (2) 445.\"}]",
      "id": "CVE-2007-5580",
      "lastModified": "2024-11-21T00:38:14.630",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-12-15T01:46:00.000",
      "references": "[{\"url\": \"http://osvdb.org/39521\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://secunia.com/advisories/27947\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3425\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.nsfocus.com/english/homepage/research/0702.htm\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/484669/100/100/threaded\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securityfocus.com/bid/26723\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id?1019046\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4103\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://osvdb.org/39521\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/27947\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3425\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.nsfocus.com/english/homepage/research/0702.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/484669/100/100/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26723\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1019046\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4103\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5580\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2007-12-15T01:46:00.000\",\"lastModified\":\"2024-11-21T00:38:14.630\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer en un determinado controlador en Cisco Security Agent versiones 4.5.1 anteriores a 4.5.1.672, versiones 5.0 anteriores a 5.0.0.225, versiones 5.1 anteriores a 5.1.0.106, y versiones 5.2 anteriores a 5.2.0.238 en Windows, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un paquete SMB especialmente dise\u00f1ado en una sesi\u00f3n TCP en el puerto (1) 139 o (2) 445.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31271A5A-61AE-486E-830B-FBDA557D802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F15A5A49-D0DF-4E65-A86E-7B71E7BF0273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1089218C-A480-49CF-A499-5ABDAD017B92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA5B2E7-203D-4340-80C1-3CAF1A15A36C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"612862DD-0FEE-4FBE-8750-EFC7BA22E792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"845D746E-3269-4E43-836B-486331EC14EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.0.3.728:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90021BE3-85B4-46E5-BDC0-04A30B772063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5562E755-E4A3-4656-859A-40757012BE89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84A1657D-BBC9-4CF5-8F5A-486FAC8B9489\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14F08C40-7A58-4B0B-A3A1-6F23DB113F22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.5.1.657:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92BCC996-7C45-479D-8952-00B079604CAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:4.5.1.659:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2AEBD5B-2EFD-465E-8108-24AB0CEB0892\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E171031D-51C1-41BB-96E4-DFFF0C36B74B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:5.0.0.201:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A691B7B-A8B1-41D5-A6F2-7521146F02AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:5.0.193:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80FC93FD-9A77-49AD-86CB-414B041F52F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6DD0915-7671-42CD-8DF3-0B685389C528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:5.1.79:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF1FE344-15E2-44B5-9346-253283CEBD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:security_agent:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"734B38F1-6FEC-4A94-B1C9-D076750A133F\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/39521\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://secunia.com/advisories/27947\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3425\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.nsfocus.com/english/homepage/research/0702.htm\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/484669/100/100/threaded\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.securityfocus.com/bid/26723\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id?1019046\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4103\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://osvdb.org/39521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3425\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.nsfocus.com/english/homepage/research/0702.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/484669/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019046\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4103\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445. Cisco Security Agent for Microsoft Windows is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data. Remote attackers can exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions. This issue affects all standalone and managed versions of Cisco Security Agent for Windows. A remote attacker might cause system with CSA installed to restart or BSOD. By sending carefully crafted data an attacker might cause remote code execution, thus gains complete control over the system.

By default CSA allows access to TCP ports 139 and 445. After establishing a session to TCP ports 139 and 445, an attacker can complete an exploitation without any authentication simply by sending a single packet. Other Cisco software that uses CSA component is also affected.

Workaround

Restrict access to TCP ports 139 and 445.

Vendor Status

2007.09.27 Informed the vendor 2007.10.23 Vendor confirmed the vulnerability 2007.12.05 Vendor released a security advisory (cisco-sa-20071205-csa) and related patches.

For more details about the Cisco security advisory, please refer to: http://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml

Additional Information

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-5580 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. Candidates may change significantly before they become official CVE entries.

Acknowledgment

NSFOCUS Security Team

DISCLAIMS

THE INFORMATION PROVIDED IS RELEASED BY NSFOCUS "AS IS" WITHOUT WARRANTY OF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED, EXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL NSFOCUS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF NSFOCUS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. DISTRIBUTION OR REPRODUCTION OF THE INFORMATION IS PROVIDED THAT THE ADVISORY IS NOT MODIFIED IN ANY WAY.

NSFocus Security Team security@nsfocus.com NSFOCUS INFORMATION TECHNOLOGY CO.,LTD (http://www.nsfocus.com) .

2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published

How do you know which Secunia advisories are important to you?

The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.

The vulnerability is caused due to a boundary error in an unspecified system driver used by the application and can be exploited to cause a buffer overflow via a specially crafted packet sent to port 139/TCP or 445/TCP.

Successful exploitation may allow execution of arbitrary code. Please see the vendor's advisory for a list of Cisco products that include the agent.

SOLUTION: Apply updates. http://www.cisco.com/pcgi-bin/tablebuild.pl/csm-app?psrtdcat20e2

PROVIDED AND/OR DISCOVERED BY: The vendor credits NSFocus Security Team.

ORIGINAL ADVISORY: Cisco (cisco-sa-20071205-csa): http://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0410",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.0.1"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "5.1.79"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "5.0.193"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "5.0.0.201"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.0.3.728"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.5.1.639"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.5.1.659"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.5.1"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.0.3"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.5.1.657"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.5"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.0.2"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.0.0.225"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.5.1.672"
      },
      {
        "model": "security agent",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.5.1"
      },
      {
        "model": "security agent",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.1.0.106"
      },
      {
        "model": "security agent",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "security agent",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.2.0.238"
      },
      {
        "model": "security agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.x"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "26723"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1.659:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.3.728:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.1.79:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1.657:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.0.0.201:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.0.193:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor disclosed this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "26723"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2007-5580",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2007-5580",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-28942",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-5580",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200712-412",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-28942",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445. Cisco Security Agent for Microsoft Windows is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data. \nRemote attackers can exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions. \nThis issue affects all standalone and managed versions of Cisco Security Agent for Windows. A remote attacker \nmight cause system with CSA installed to restart or BSOD. By sending carefully \ncrafted data an attacker might cause remote code execution, thus gains complete \ncontrol over the system. \n\nBy default CSA allows access to TCP ports 139 and 445. After establishing a \nsession to TCP ports 139 and 445, an attacker can complete an exploitation \nwithout any authentication simply by sending a single packet. \nOther Cisco software that uses CSA component is also affected. \n\nWorkaround\n=============\n\n* Restrict access to TCP ports 139 and 445. \n    \nVendor Status\n==============\n\n2007.09.27  Informed the vendor\n2007.10.23  Vendor confirmed the vulnerability\n2007.12.05  Vendor released a security advisory (cisco-sa-20071205-csa) and \n            related patches. \n            \nFor more details about the Cisco security advisory, please refer to:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml\n\nAdditional Information\n========================\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-5580 to this issue. This is a candidate for inclusion in the \nCVE list (http://cve.mitre.org), which standardizes names for security problems. \nCandidates may change significantly before they become official CVE entries. \n\nAcknowledgment\n===============\n\nNSFOCUS Security Team\n\nDISCLAIMS\n==========\nTHE INFORMATION PROVIDED IS RELEASED BY NSFOCUS \"AS IS\" WITHOUT WARRANTY\nOF ANY KIND. NSFOCUS DISCLAIMS ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED,\nEXCEPT FOR THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL NSFOCUS\nBE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,\nINCIDENTAL,CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES,\nEVEN IF NSFOCUS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. \nDISTRIBUTION OR REPRODUCTION OF THE INFORMATION IS PROVIDED THAT THE\nADVISORY IS NOT MODIFIED IN ANY WAY. \n\nCopyright 1999-2007 NSFOCUS. All Rights Reserved. Terms of use. \n\nNSFocus Security Team \u003csecurity@nsfocus.com\u003e\nNSFOCUS INFORMATION TECHNOLOGY CO.,LTD\n(http://www.nsfocus.com)\n. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nThe vulnerability is caused due to a boundary error in an unspecified\nsystem driver used by the application and can be exploited to cause a\nbuffer overflow via a specially crafted packet sent to port 139/TCP\nor 445/TCP. \n\nSuccessful exploitation may allow execution of arbitrary code. Please see the vendor\u0027s advisory\nfor a list of Cisco products that include the agent. \n\nSOLUTION:\nApply updates. \nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/csm-app?psrtdcat20e2\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits NSFocus Security Team. \n\nORIGINAL ADVISORY:\nCisco (cisco-sa-20071205-csa):\nhttp://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "BID",
        "id": "26723"
      },
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "db": "PACKETSTORM",
        "id": "61561"
      },
      {
        "db": "PACKETSTORM",
        "id": "61542"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-28942",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-5580",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "26723",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "27947",
        "trust": 1.8
      },
      {
        "db": "SREASON",
        "id": "3425",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-4103",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "39521",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1019046",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807",
        "trust": 0.8
      },
      {
        "db": "CISCO",
        "id": "20071205 CISCO SECURITY AGENT FOR WINDOWS SYSTEM DRIVER REMOTE BUFFER OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20071206 NSFOCUS SA2007-02 : CISCO SECURITY AGENT REMOTE BUFFER OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "61561",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-28942",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "61542",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "db": "BID",
        "id": "26723"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "PACKETSTORM",
        "id": "61561"
      },
      {
        "db": "PACKETSTORM",
        "id": "61542"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "id": "VAR-200712-0410",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:20:44.415000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20071205-csa",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/products/csa/cisco-sa-20071205-csa.html"
      },
      {
        "title": "Cisco Security Agent Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=175104"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/26723"
      },
      {
        "trust": 1.7,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a008090a434.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/39521"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1019046"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/27947"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/3425"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2007/4103"
      },
      {
        "trust": 1.6,
        "url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026bugid=cscsl00618"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5580"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5580"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/484669/100/100/threaded"
      },
      {
        "trust": 0.5,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/secursw/ps5057/index.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/484625"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/484669"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026amp;bugid=cscsl00618"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5580"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org),"
      },
      {
        "trust": 0.1,
        "url": "http://www.nsfocus.com)"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/csm-app?psrtdcat20e2"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11019/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2806/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2867/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27947/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12423/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5363/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2869/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4246/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/csahf-crypto?psrtdcat20e2"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14776/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/cmva-3des?psrtdcat20e2"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2769/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/13662/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2770/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2868/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "db": "BID",
        "id": "26723"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "PACKETSTORM",
        "id": "61561"
      },
      {
        "db": "PACKETSTORM",
        "id": "61542"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "db": "BID",
        "id": "26723"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "db": "PACKETSTORM",
        "id": "61561"
      },
      {
        "db": "PACKETSTORM",
        "id": "61542"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-12-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "date": "2007-12-05T00:00:00",
        "db": "BID",
        "id": "26723"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "date": "2007-12-07T17:55:22",
        "db": "PACKETSTORM",
        "id": "61561"
      },
      {
        "date": "2007-12-07T16:22:07",
        "db": "PACKETSTORM",
        "id": "61542"
      },
      {
        "date": "2007-12-15T01:46:00",
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "date": "2007-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-28942"
      },
      {
        "date": "2007-12-06T21:12:00",
        "db": "BID",
        "id": "26723"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      },
      {
        "date": "2018-10-15T21:45:38.597000",
        "db": "NVD",
        "id": "CVE-2007-5580"
      },
      {
        "date": "2021-12-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "61561"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Windows upper  Cisco Security Agent Arbitrary code execution vulnerability in certain drivers",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002807"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-412"
      }
    ],
    "trust": 0.6
  }
}

ghsa-pvxg-g7h5-249r

Vulnerability from github

Published

2022-05-01 18:34

Modified

2022-05-01 18:34

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-5580"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-12-15T01:46:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.",
  "id": "GHSA-pvxg-g7h5-249r",
  "modified": "2022-05-01T18:34:51Z",
  "published": "2022-05-01T18:34:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5580"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/39521"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27947"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3425"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26723"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019046"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4103"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2007-5580

Vulnerability from fkie_nvd

Published

2007-12-15 01:46

Modified

2024-11-21 00:38

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://osvdb.org/39521
psirt@cisco.com	http://secunia.com/advisories/27947	Vendor Advisory
psirt@cisco.com	http://securityreason.com/securityalert/3425
psirt@cisco.com	http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml
psirt@cisco.com	http://www.nsfocus.com/english/homepage/research/0702.htm
psirt@cisco.com	http://www.securityfocus.com/archive/1/484669/100/100/threaded
psirt@cisco.com	http://www.securityfocus.com/bid/26723
psirt@cisco.com	http://www.securitytracker.com/id?1019046
psirt@cisco.com	http://www.vupen.com/english/advisories/2007/4103
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39521
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27947	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3425
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.nsfocus.com/english/homepage/research/0702.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/484669/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26723
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019046
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4103

Impacted products

Vendor	Product	Version
cisco	security_agent	2.1
cisco	security_agent	3
cisco	security_agent	4.0
cisco	security_agent	4.0.1
cisco	security_agent	4.0.2
cisco	security_agent	4.0.3
cisco	security_agent	4.0.3.728
cisco	security_agent	4.5
cisco	security_agent	4.5.1
cisco	security_agent	4.5.1.639
cisco	security_agent	4.5.1.657
cisco	security_agent	4.5.1.659
cisco	security_agent	5.0
cisco	security_agent	5.0.0.201
cisco	security_agent	5.0.193
cisco	security_agent	5.1
cisco	security_agent	5.1.79
cisco	security_agent	5.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31271A5A-61AE-486E-830B-FBDA557D802A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F15A5A49-D0DF-4E65-A86E-7B71E7BF0273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1089218C-A480-49CF-A499-5ABDAD017B92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA5B2E7-203D-4340-80C1-3CAF1A15A36C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "612862DD-0FEE-4FBE-8750-EFC7BA22E792",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "845D746E-3269-4E43-836B-486331EC14EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.0.3.728:*:*:*:*:*:*:*",
              "matchCriteriaId": "90021BE3-85B4-46E5-BDC0-04A30B772063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5562E755-E4A3-4656-859A-40757012BE89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84A1657D-BBC9-4CF5-8F5A-486FAC8B9489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*",
              "matchCriteriaId": "14F08C40-7A58-4B0B-A3A1-6F23DB113F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.5.1.657:*:*:*:*:*:*:*",
              "matchCriteriaId": "92BCC996-7C45-479D-8952-00B079604CAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:4.5.1.659:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2AEBD5B-2EFD-465E-8108-24AB0CEB0892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E171031D-51C1-41BB-96E4-DFFF0C36B74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.0.0.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A691B7B-A8B1-41D5-A6F2-7521146F02AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.0.193:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC93FD-9A77-49AD-86CB-414B041F52F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6DD0915-7671-42CD-8DF3-0B685389C528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.1.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FE344-15E2-44B5-9346-253283CEBD3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B38F1-6FEC-4A94-B1C9-D076750A133F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en un determinado controlador en Cisco Security Agent versiones 4.5.1 anteriores a 4.5.1.672, versiones 5.0 anteriores a 5.0.0.225, versiones 5.1 anteriores a 5.1.0.106, y versiones 5.2 anteriores a 5.2.0.238 en Windows, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un paquete SMB especialmente dise\u00f1ado en una sesi\u00f3n TCP en el puerto (1) 139 o (2) 445."
    }
  ],
  "id": "CVE-2007-5580",
  "lastModified": "2024-11-21T00:38:14.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-12-15T01:46:00.000",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/39521"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27947"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securityreason.com/securityalert/3425"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/26723"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1019046"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2007/4103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4103"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2007-5580

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-5580

Aliases

CVE-2007-5580

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-5580",
    "description": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.",
    "id": "GSD-2007-5580"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-5580"
      ],
      "details": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.",
      "id": "GSD-2007-5580",
      "modified": "2023-12-13T01:21:40.995340Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2007-5580",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "3425",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3425"
          },
          {
            "name": "27947",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27947"
          },
          {
            "name": "ADV-2007-4103",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4103"
          },
          {
            "name": "1019046",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019046"
          },
          {
            "name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
          },
          {
            "name": "39521",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/39521"
          },
          {
            "name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
          },
          {
            "name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618",
            "refsource": "CONFIRM",
            "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
          },
          {
            "name": "26723",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26723"
          },
          {
            "name": "http://www.nsfocus.com/english/homepage/research/0702.htm",
            "refsource": "MISC",
            "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1.659:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.3.728:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.1.79:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1.657:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.0.0.201:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:security_agent:5.0.193:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2007-5580"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
            },
            {
              "name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
              "refsource": "CISCO",
              "tags": [],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
            },
            {
              "name": "26723",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26723"
            },
            {
              "name": "http://www.nsfocus.com/english/homepage/research/0702.htm",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
            },
            {
              "name": "1019046",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019046"
            },
            {
              "name": "27947",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27947"
            },
            {
              "name": "3425",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3425"
            },
            {
              "name": "39521",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/39521"
            },
            {
              "name": "ADV-2007-4103",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/4103"
            },
            {
              "name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:45Z",
      "publishedDate": "2007-12-15T01:46Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2007-5580

Vulnerability from cvelistv5

var-200712-0410

Vulnerability from variot

Workaround

Vendor Status

Additional Information

Acknowledgment

DISCLAIMS

ghsa-pvxg-g7h5-249r

Vulnerability from github

fkie_cve-2007-5580

Vulnerability from fkie_nvd

gsd-2007-5580

Vulnerability from gsd

Tags

Sightings

Nomenclature