4.6

CVE-2007-3771

EPSS 0.05%
Published 15.07.2007 22:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Symantec ≫ Client Security Version2.0

Symantec ≫ Client Security Version3.0

Symantec ≫ Client Security Version3.0.1.1000

Symantec ≫ Client Security Version3.0.1.1007

Symantec ≫ Client Security Version3.0.1.1009

Symantec ≫ Client Security Version3.0.2

Symantec ≫ Client Security Version3.0.2.2000

Symantec ≫ Client Security Version3.0.2.2001

Symantec ≫ Client Security Version3.0.2.2002

Symantec ≫ Client Security Version3.0.2.2011

Symantec ≫ Client Security Version3.0.2.2021

Symantec ≫ Norton Antivirus Version9.0 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.0.338 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.1 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.1.1.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.1.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.2 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.2.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.3.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.4 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.5 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.5.1100 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.1.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.1.1007 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2000 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2001 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2002 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2010 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2011 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2020 Editioncorporate

Symantec ≫ Norton Antivirus Version10.0.2.2021 Editioncorporate

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.133

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.1	6.9	AV:L/AC:L/Au:S/C:N/I:N/A:C

http://osvdb.org/36115

http://secunia.com/advisories/26036

Patch

Vendor Advisory

http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html

http://securitytracker.com/id?1018367

http://securitytracker.com/id?1018371

http://www.securityfocus.com/bid/24802

http://www.vupen.com/english/advisories/2007/2506

https://exchange.xforce.ibmcloud.com/vulnerabilities/35354

https://nvd.nist.gov/vuln/detail/CVE-2007-3771

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-3771

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-3771

EUVD