CVE-2007-2514

3 documents3 sources

Severity

9.3CRITICAL

EPSS

12.0%

top 6.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Centennial Discovery Numara Asset Manager Symantec Discovery

Timeline

PublishedJun 6

Latest updateMay 1

Description

Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDsymantec/discovery6.5

▶NVDcentennial/discovery2006_featurepack1

▶NVDnumara/asset_manager8.0

Patches

Patch: dvlabs.tippingpoint.com ↗Patch: www.securityfocus.com ↗Patch: dvlabs.tippingpoint.com ↗

🔴Vulnerability Details

GHSA

GHSA-69f9-9jhq-r4jq: Stack-based buffer overflow in XferWan↗2022-05-01

▶

CVEList

CVE-2007-2514: Stack-based buffer overflow in XferWan↗2007-06-06

▶