7.1

CVE-2007-0918

The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

Data is provided by the National Vulnerability Database (NVD)
CiscoIos Version12.3t
CiscoIos Version12.3xq
CiscoIos Version12.3xr
CiscoIos Version12.3xs
CiscoIos Version12.3xw
CiscoIos Version12.3xx
CiscoIos Version12.3xy
CiscoIos Version12.3ya
CiscoIos Version12.3yd
CiscoIos Version12.3yg
CiscoIos Version12.3yh
CiscoIos Version12.3yi
CiscoIos Version12.3yj
CiscoIos Version12.3yk
CiscoIos Version12.3ym
CiscoIos Version12.3yq
CiscoIos Version12.3ys
CiscoIos Version12.3yt
CiscoIos Version12.3yx
CiscoIos Version12.3yz
CiscoIos Version12.4
CiscoIos Version12.4mr
CiscoIos Version12.4t
CiscoIos Version12.4xa
CiscoIos Version12.4xb
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.29% 0.842
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
http://www.securityfocus.com/bid/22549
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1017631
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2007/0597
Third Party Advisory
Permissions Required