7.5
CVE-2007-3701
- EPSS 9.34%
- Veröffentlicht 11.07.2007 23:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tippingpoint ≫ Tipping Point Version50
Tippingpoint ≫ Tipping Point Version200
Tippingpoint ≫ Tipping Point Version200e
Tippingpoint ≫ Tipping Point Version400
Tippingpoint ≫ Tipping Point Version600e
Tippingpoint ≫ Tipping Point Version1200
Tippingpoint ≫ Tipping Point Version1200e
Tippingpoint ≫ Tipping Point Version2400e
Tippingpoint ≫ Tipping Point Version5000e
Tippingpoint ≫ Tipping Point Versionsms
Tippingpoint ≫ Tipping Point Versionx505
Tippingpoint ≫ Tipping Point Versionx506
Tippingpoint ≫ Tipping Point Versionzpha
3com ≫ Tippingpoint Ips Tos Version2.1
3com ≫ Tippingpoint Ips Tos Version2.1.4.6324
3com ≫ Tippingpoint Ips Tos Version2.2
3com ≫ Tippingpoint Ips Tos Version2.2.1
3com ≫ Tippingpoint Ips Tos Version2.2.1.6506
3com ≫ Tippingpoint Ips Tos Version2.2.2
3com ≫ Tippingpoint Ips Tos Version2.2.3
3com ≫ Tippingpoint Ips Tos Version2.2.4
3com ≫ Tippingpoint Ips Tos Version2.5
3com ≫ Tippingpoint Ips Tos Version2.5.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.34% | 0.925 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.