CVE-2007-4286

Exploit

EPSS 62.64%
Veröffentlicht 09.08.2007 21:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Version12.0

Cisco ≫ Ios Version12.1

Cisco ≫ Ios Version12.2

Cisco ≫ Ios Version12.3

Cisco ≫ Ios Version12.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	62.64%	0.982

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/26360

http://www.cisco.com/en/US/products/products_security_advisory09186a008089963b.shtml

http://www.kb.cert.org/vuls/id/201984

US Government Resource

http://www.securityfocus.com/archive/1/475931/100/0/threaded

http://www.securityfocus.com/bid/25238

Exploit

http://www.securitytracker.com/id?1018535

http://www.vupen.com/english/advisories/2007/2818

https://exchange.xforce.ibmcloud.com/vulnerabilities/35889

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5675

https://nvd.nist.gov/vuln/detail/CVE-2007-4286

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4286

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4286

EUVD