CVE-2007-5580

Currently unrated

Key Information:

Vendor: Cisco
Status: Security Agent
Vendor: CVE Published:; 15 December 2007

Summary

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.

References

http://securityreason.com/securityalert/3425

third-party-advisoryx_refsource_SREASON

http://secunia.com/advisories/27947

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/4103

vdb-entryx_refsource_VUPEN

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 15, 2007
Vulnerability Reserved
Oct 19, 2007