Lucene search

MitreCVE-2007-1252

HistoryMar 03, 2007 - 8:19 p.m.

CVE-2007-1252

2007-03-0320:19:00

mitre

web.nvd.nist.gov

cve-2007-1252

buffer overflow

symantec mail security

smtp

patch 175

denial of service

remote attackers

arbitrary code

crafted headers

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.065

Percentile

93.7%

JSON

Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources.

Affected configurations

Nvd

Node

symantecmail_securityMatch5.0smtp

VendorProductVersionCPE
symantecmail_security5.0cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	mail_security	5.0	cpe:2.3:a:symantec:mail_security:5.0::smtp:::::

References

ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt

osvdb.org/33840

secunia.com/advisories/24371

www.kb.cert.org/vuls/id/875633

www.securityfocus.com/bid/22782

www.securitytracker.com/id?1017716

www.vupen.com/english/advisories/2007/0799

exchange.xforce.ibmcloud.com/vulnerabilities/32781

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.065

Percentile

93.7%

JSON

Related for CVE-2007-1252