Lucene search

MitreCVE-2007-3911

HistoryJul 30, 2007 - 5:30 p.m.

CVE-2007-3911

2007-07-3017:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-3911

security vulnerability

bakbone netvault reporter 3.5

buffer overflow

remote code execution

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.627

Percentile

97.8%

JSON

Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests.

Affected configurations

Nvd

Node

bakbonenetvault_reporterRange≤3.5update3

VendorProductVersionCPE
bakbonenetvault_reporter*cpe:2.3:a:bakbone:netvault_reporter:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bakbone	netvault_reporter	*	cpe:2.3:a:bakbone:netvault_reporter::::::::

References

secunia.com/advisories/26222

securityreason.com/securityalert/2954

www.securityfocus.com/archive/1/474626/100/0/threaded

www.securityfocus.com/bid/25068

www.securitytracker.com/id?1018460

www.vupen.com/english/advisories/2007/2658

www.zerodayinitiative.com/advisories/ZDI-07-044.html

exchange.xforce.ibmcloud.com/vulnerabilities/35588

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.627

Percentile

97.8%

JSON

Related for CVE-2007-3911