CVE-2007-2688

Currently unrated

Key Information:

Vendor: Cisco
Status: Ips Sensor Software
Vendor: CVE Published:; 16 May 2007

Summary

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.osvdb.org/35336

vdb-entryx_refsource_OSVDB

http://www.kb.cert.org/vuls/id/739224

third-party-advisoryx_refsource_CERT-VN

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 16, 2007
Vulnerability Reserved
May 15, 2007