10

CVE-2007-2417

Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets.  NOTE: this issue might overlap CVE-2007-3491.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ProgressOpenedge Version10.1a
   RsaSecurid Version2.0
ProgressOpenedge Version10.1b
   RsaSecurid Version2.0
ProgressProgress Version9.1e
   RsaSecurid Version2.0
RsaAce Server Version5.2
   RsaSecurid Version2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 16.2% 0.965
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://dvlabs.tippingpoint.com/advisory/TPTI-07-12
Patch
Vendor Advisory
http://osvdb.org/37934
http://secunia.com/advisories/26058
Patch
Vendor Advisory
http://secunia.com/advisories/26067
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/473623/100/0/threaded
http://www.securityfocus.com/bid/24675
http://www.securitytracker.com/id?1018389
http://www.vupen.com/english/advisories/2007/2530
http://www.vupen.com/english/advisories/2007/2531
https://exchange.xforce.ibmcloud.com/vulnerabilities/35385