Vulnerability Description
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Firewall Services Module | 2.3 |
| Cisco | Asa 5500 | 7.0 |
| Cisco | Pix Firewall Software | 7.0 |
References
- http://osvdb.org/33055
- http://secunia.com/advisories/24160Vendor Advisory
- http://secunia.com/advisories/24180PatchVendor Advisory
- http://securitytracker.com/id?1017651Patch
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.sPatchVendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.sPatchVendor Advisory
- http://www.securityfocus.com/bid/22561
- http://www.securityfocus.com/bid/22562
- http://www.securitytracker.com/id?1017652
- http://www.vupen.com/english/advisories/2007/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32486
- http://osvdb.org/33055
- http://secunia.com/advisories/24160Vendor Advisory
- http://secunia.com/advisories/24180PatchVendor Advisory
- http://securitytracker.com/id?1017651Patch
FAQ
What is CVE-2007-0962?
CVE-2007-0962 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows r...
How severe is CVE-2007-0962?
CVE-2007-0962 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0962?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firewall Services Module, Cisco Asa 5500, Cisco Pix Firewall Software.