CVE-2007-2137

{"id": "CVE-2007-2137", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-04-22T19:19:00.000", "references": [{"url": "http://secunia.com/advisories/24938", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2597", "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/466216/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23558", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017933", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1456", "source": "cve@mitre.org"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33746", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en kde.dll en IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, utilizado en Tivoli Universal Agent, agente de Windows OS Monitoring, y Enterprise Portal Server, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s del env\u00edo de una cadena larga en ciertos puertos TCP."}], "lastModified": "2018-10-16T16:42:17.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_monitoring_express:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD72BEF0-F8AC-4E01-9852-05217C8B6A8E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}