CVE-2007-2522

2007-05-1104:20:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-2522

buffer overflow

ca anti-virus

remote code execution

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.955

Percentile

99.4%

JSON

Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

Affected configurations

Nvd

Node

broadcomantispyware_for_the_enterpriseMatch8.0

broadcometrust_integrated_threat_managementMatch8.0

broadcometrust_pestpatrolMatch8.0

VendorProductVersionCPE
broadcomantispyware_for_the_enterprise8.0cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8.0:*:*:*:*:*:*:*
broadcometrust_integrated_threat_management8.0cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*
broadcometrust_pestpatrol8.0cpe:2.3:a:broadcom:etrust_pestpatrol:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	antispyware_for_the_enterprise	8.0	cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8.0:::::::*
broadcom	etrust_integrated_threat_management	8.0	cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:::::::*
broadcom	etrust_pestpatrol	8.0	cpe:2.3:a:broadcom:etrust_pestpatrol:8.0:::::::*