Lucene search

[email protected]NVD:CVE-2007-2279

HistoryJun 04, 2007 - 4:30 p.m.

CVE-2007-2279

2007-06-0416:30:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.

Affected configurations

Nvd

Node

symantecveritas_storage_foundationMatch5.0windows

VendorProductVersionCPE
symantecveritas_storage_foundation5.0cpe:2.3:a:symantec:veritas_storage_foundation:5.0:*:windows:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	veritas_storage_foundation	5.0	cpe:2.3:a:symantec:veritas_storage_foundation:5.0::windows:::::

References

osvdb.org/36104

secunia.com/advisories/25537

seer.entsupport.symantec.com/docs/288627.htm

www.securityfocus.com/archive/1/470562/100/0/threaded

www.securityfocus.com/bid/24194

www.securitytracker.com/id?1018188

www.symantec.com/avcenter/security/Content/2007.06.01.html

www.vupen.com/english/advisories/2007/2035

exchange.xforce.ibmcloud.com/vulnerabilities/34680

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

Related for NVD:CVE-2007-2279

cvelist2 nessus1 securityvulns3 cve2 prion2 nvd1