CVE-2007-2957

Currently unrated

Key Information:

Vendor: Mcafee
Status: E-business Server
Vendor: CVE Published:; 31 October 2007

Summary

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow.

References

https://knowledge.mcafee.com/SupportSite/dynamickc.do?ext...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2007/3663

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/26372

third-party-advisoryx_refsource_SECUNIA

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 31, 2007
Vulnerability Reserved
May 31, 2007