7.5

CVE-2007-0105

Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoSecure Access Control Server Version <= 4.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.02% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23629
Patch
Vendor Advisory
http://securitytracker.com/id?1017475
http://www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtml
Vendor Advisory
http://www.securityfocus.com/bid/21900
http://www.vupen.com/english/advisories/2007/0068
http://www.kb.cert.org/vuls/id/744249
US Government Resource
http://www.osvdb.org/32642
https://exchange.xforce.ibmcloud.com/vulnerabilities/31323