CVE-2007-2522

CWE-119 — Buffer Overflow3 documents3 sources

Severity

10.0CRITICAL

EPSS

46.1%

top 2.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Antispyware FOR THE Enterprise Broadcom Etrust Integrated Threat Management Broadcom Etrust Pestpatrol

Timeline

PublishedMay 11

Latest updateMay 1

Description

Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDbroadcom/antispyware8.0

▶NVDbroadcom/etrust_integrated_threat_management8.0

▶NVDbroadcom/etrust_pestpatrol8.0

🔴Vulnerability Details

GHSA

GHSA-fc84-396x-x24g: Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8↗2022-05-01

▶

CVEList

CVE-2007-2522: Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8↗2007-05-11

▶