CVE Vulnerability

CVE-2007-2417

Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://dvlabs.tippingpoint.com/advisory/TPTI-07-12 Patch Vendor Advisory
http://secunia.com/advisories/26058 Patch Vendor Advisory
http://secunia.com/advisories/26067 Patch Vendor Advisory
http://www.securityfocus.com/bid/24675
http://www.securitytracker.com/id?1018389
http://www.vupen.com/english/advisories/2007/2530
http://www.vupen.com/english/advisories/2007/2531
http://osvdb.org/37934
https://exchange.xforce.ibmcloud.com/vulnerabilities/35385
http://www.securityfocus.com/archive/1/473623/100/0/threaded
Configurations

Configuration 1
Information

Published : 2007-07-15 09:30

Updated : 2020-03-27 02:07

NVD link : CVE-2007-2417

Mitre link : CVE-2007-2417

Products Affected

Ace Server

Rsa

CWE
NVD-CWE-Other