Lucene search

[email protected]CVE-2007-3454

HistoryJun 27, 2007 - 12:30 a.m.

CVE-2007-3454

2007-06-2700:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-3454

buffer overflow

cgiocommon.dll

arbitrary code execution

trend micro officescan

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.803 High

EPSS

Percentile

98.3%

JSON

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.

Affected configurations

NVD

Node

trend_microofficescanMatch7.3corporate

trend_microofficescanMatch8.0corporate

CPENameOperatorVersion
trend_micro:officescantrend micro officescaneq7.3
trend_micro:officescantrend micro officescaneq8.0

CPE	Name	Operator	Version
trend_micro:officescan	trend micro officescan	eq	7.3
trend_micro:officescan	trend micro officescan	eq	8.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=559

osvdb.org/36629

secunia.com/advisories/25778

securitytracker.com/id?1018320

www.securityfocus.com/bid/24641

www.trendmicro.com/ftp/documentation/readme/osce_80_win_en_securitypatch_b1042_readme.txt

www.vupen.com/english/advisories/2007/2330

exchange.xforce.ibmcloud.com/vulnerabilities/35051

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.803 High

EPSS

Percentile

98.3%

JSON

Related for CVE-2007-3454

saint4 cvelist1 checkpoint_advisories1 securityvulns2 prion1 nvd1 nessus1