CVE-2007-5475

Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/37345
http://www.securityfocus.com/archive/1/507781/100/0/threaded
http://www.vupen.com/english/advisories/2009/3239
http://secunia.com/advisories/37345
http://www.securityfocus.com/archive/1/507781/100/0/threaded
http://www.vupen.com/english/advisories/2009/3239

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:marvell:88w8361p-bem_chipset:*:*:*:*:*:*:*:*

cpe:2.3:h:linksys:wap4400n:1.2.17:*:*:*:*:*:*:*

History

21 Nov 2024, 00:37

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/37345 -~~	() http://secunia.com/advisories/37345 -
References	~~() http://www.securityfocus.com/archive/1/507781/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/507781/100/0/threaded -
References	~~() http://www.vupen.com/english/advisories/2009/3239 -~~	() http://www.vupen.com/english/advisories/2009/3239 -

Information

Published : 2009-11-12 23:30

Updated : 2024-11-21 00:37

NVD link : CVE-2007-5475

Mitre link : CVE-2007-5475

CVE.ORG link : CVE-2007-5475

JSON object : View

Products Affected

linksys

wap4400n

marvell

88w8361p-bem_chipset

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2007-5475", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-11-12T23:30:00.517", "references": [{"url": "http://secunia.com/advisories/37345", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/507781/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/3239", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/37345", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/507781/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2009/3239", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en el driver inal\u00e1mbrico Marvell, tal como se usa en el punto de acceso Wi-Fi Linksys WAP4400N con firmware 1.2.17 en el chipset Marvell 88W8361P-BEM1 y otros productos, permite a usuarios remotos 802.11-autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda del punto de acceso inal\u00e1mbrico) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n de asociaci\u00f3n con ratios normales y extendidos demasiado largos y otros elementos de informaci\u00f3n no especificados."}], "lastModified": "2024-11-21T00:37:58.797", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:marvell:88w8361p-bem_chipset:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CF02028-370A-423B-AB74-ED7E0AA4BDBA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:wap4400n:1.2.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0DEB9EE-AF7E-453F-BFB1-26750B0E4293"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}