Lucene search
MitreCVE-2007-2489HistoryMay 03, 2007 - 11:19 p.m.
CVE-2007-2489
2007-05-0323:19:00
mitre
web.nvd.nist.gov
29
cve-2007-2489
buffer overflow
livedata protocol server
denial of service
arbitrary code execution
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8
Confidence
High
EPSS
0.148
Percentile
95.8%
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 (5.00.062), allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a strncpy call.
Affected configurations
Node
livedataprotocol_serverRange≤5.00.045
| Vendor | Product | Version | CPE |
|---|---|---|---|
| livedata | protocol_server | * | cpe:2.3:a:livedata:protocol_server:*:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2007-2489
2007-05-03 23:00:00
cert
cert
LiveData Protocol Server fails to properly handle requests for WSDL files
2007-05-03 00:00:00
prion
prion
Heap overflow
2007-05-03 23:19:00
nvd
nvd
CVE-2007-2489
2007-05-03 23:19:00
nessus
nessus
LiveData Server Multiple Remote Vulnerabilities
2007-05-03 00:00:00
securityvulns
securityvulns
LiveData Protocol Server buffer overflow
2007-05-04 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8
Confidence
High
EPSS
0.148
Percentile
95.8%
Related for CVE-2007-2489