Lucene search

[email protected]CVE-2007-2734

HistoryMay 16, 2007 - 10:30 p.m.

CVE-2007-2734

2007-05-1622:30:00

[email protected]

web.nvd.nist.gov

3com

tippingpoint

ips

unicode

character handling

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic.

Affected configurations

NVD

Node

3com3crtpx505-73

3com3crx506-96

3comtippingpoint_200

3comtippingpoint_200e

3comtippingpoint_2400e

3comtippingpoint_50

3comtippingpoint_5000e

3comtippingpoint_600e

CPENameOperatorVersion
3com:3crtpx505-733com 3crtpx505-73eq*
3com:3crx506-963com 3crx506-96eq*
3com:tippingpoint_2003com tippingpoint 200eq*
3com:tippingpoint_200e3com tippingpoint 200eeq*
3com:tippingpoint_2400e3com tippingpoint 2400eeq*
3com:tippingpoint_503com tippingpoint 50eq*
3com:tippingpoint_5000e3com tippingpoint 5000eeq*
3com:tippingpoint_600e3com tippingpoint 600eeq*

CPE	Name	Operator	Version
3com:3crtpx505-73	3com 3crtpx505-73	eq	*
3com:3crx506-96	3com 3crx506-96	eq	*
3com:tippingpoint_200	3com tippingpoint 200	eq	*
3com:tippingpoint_200e	3com tippingpoint 200e	eq	*
3com:tippingpoint_2400e	3com tippingpoint 2400e	eq	*
3com:tippingpoint_50	3com tippingpoint 50	eq	*
3com:tippingpoint_5000e	3com tippingpoint 5000e	eq	*
3com:tippingpoint_600e	3com tippingpoint 600e	eq	*

References

osvdb.org/35968

secunia.com/advisories/25302

securityreason.com/securityalert/2712

www.3com.com/securityalert/alerts/3COM-07-001.html

www.gamasec.net/english/gs07-01.html

www.kb.cert.org/vuls/id/739224

www.securityfocus.com/archive/1/468633/100/0/threaded

www.vupen.com/english/advisories/2007/1817

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for CVE-2007-2734

cvelist1 prion1 nvd1