CVE-2007-2602

{"id": "CVE-2007-2602", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-05-11T10:19:00.000", "references": [{"url": "http://osvdb.org/36217", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2708", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/468070/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/36217", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/2708", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/468070/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el MIBEXTRA.EXE del Ipswitch WhatsUp Gold 11 permite a los atacantes provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un argumento de nombre de fichero MIB largo. NOTA: Si no hay un escenario com\u00fan bajo el que el MIBEXTRA.EXE es llamado con un ataque controlado por argumentos de l\u00ednea de comandos, tal vez esta vulnerabilidad no deber\u00eda de incluirse en el CVE."}], "lastModified": "2024-11-21T00:31:11.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:progress:whatsup_gold:11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CB68BF8-899B-4473-A29C-DFADAA70A64B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}