CVE-2007-2514
Published Jun 6, 2007
Last updated 6 years ago
Overview
- Description
- Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- -
- Impact
- "This issue only affects systems running non-secure communications, which comprise a very small percentage of installations worldwide."
- Solution
- "This issue only affects systems running non-secure communications, which comprise a very small percentage of installations worldwide."
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centennial:discovery:2006_featurepack1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9336740-2AB3-4189-8EDE-3D12A3AFDB57"
},
{
"criteria": "cpe:2.3:a:numara:asset_manager:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8AE39DA-388A-414F-B58A-B7B0E9B4FC12"
},
{
"criteria": "cpe:2.3:a:symantec:discovery:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8679A66E-0AEB-42E3-938D-E7AEC74A6C62"
}
],
"operator": "OR"
}
]
}
]