Vulnerability Description
The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Access Manager | 3 |
References
- http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_rea
- http://www.vupen.com/english/advisories/2007/2390
- http://www.vupen.com/english/advisories/2007/3075
- https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Pu
- http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_rea
- http://www.vupen.com/english/advisories/2007/2390
- http://www.vupen.com/english/advisories/2007/3075
- https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Pu
FAQ
What is CVE-2007-3570?
CVE-2007-3570 is a vulnerability with a CVSS score of 7.5 (HIGH). The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data ...
How severe is CVE-2007-3570?
CVE-2007-3570 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3570?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Access Manager.