- Description
- Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Comment
- -
- Impact
- "This issue only affects systems running non-secure communications, which comprise a very small percentage of installations worldwide."
- Solution
- "This issue only affects systems running non-secure communications, which comprise a very small percentage of installations worldwide."
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centennial:discovery:2006_featurepack1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9336740-2AB3-4189-8EDE-3D12A3AFDB57"
},
{
"criteria": "cpe:2.3:a:numara:asset_manager:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8AE39DA-388A-414F-B58A-B7B0E9B4FC12"
},
{
"criteria": "cpe:2.3:a:symantec:discovery:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8679A66E-0AEB-42E3-938D-E7AEC74A6C62"
}
],
"operator": "OR"
}
]
}
]