Vulnerability Description
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Security Agent | 2.1 |
Related Weaknesses (CWE)
References
- http://osvdb.org/39521
- http://secunia.com/advisories/27947Vendor Advisory
- http://securityreason.com/securityalert/3425
- http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBu
- http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.s
- http://www.nsfocus.com/english/homepage/research/0702.htm
- http://www.securityfocus.com/archive/1/484669/100/100/threaded
- http://www.securityfocus.com/bid/26723
- http://www.securitytracker.com/id?1019046
- http://www.vupen.com/english/advisories/2007/4103
- http://osvdb.org/39521
- http://secunia.com/advisories/27947Vendor Advisory
- http://securityreason.com/securityalert/3425
- http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBu
- http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.s
FAQ
What is CVE-2007-5580?
CVE-2007-5580 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute a...
How severe is CVE-2007-5580?
CVE-2007-5580 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5580?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Security Agent.