Lucene search
HistoryMay 03, 2007 - 11:19 p.m.
CVE-2007-2489
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.148
Percentile
95.8%
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 (5.00.062), allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a strncpy call.
Affected configurations
Node
livedataprotocol_serverRange≤5.00.045
| Vendor | Product | Version | CPE |
|---|---|---|---|
| livedata | protocol_server | * | cpe:2.3:a:livedata:protocol_server:*:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2007-2489
2007-05-03 23:00:00
cve
cve
CVE-2007-2489
2007-05-03 23:19:00
cert
cert
LiveData Protocol Server fails to properly handle requests for WSDL files
2007-05-03 00:00:00
prion
prion
Heap overflow
2007-05-03 23:19:00
nessus
nessus
LiveData Server Multiple Remote Vulnerabilities
2007-05-03 00:00:00
securityvulns
securityvulns
LiveData Protocol Server buffer overflow
2007-05-04 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.148
Percentile
95.8%
Related for NVD:CVE-2007-2489