CVE-2007-2952
published 2008-08-01CVE-2007-2952: Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote…
PriorityP350critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
15.49%
96.4th percentile
Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attackers to execute arbitrary code via an HTTP response with a long HTTP version field.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| blue_coat_systems | filter | — | — |
| blue_coat_systems | k9_web_protection | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/25813http://secunia.com/secunia_research/2007-61/advisory/http://secunia.com/secunia_research/2007-64/advisory/http://www.securityfocus.com/archive/1/494975/100/0/threadedhttp://www.securityfocus.com/archive/1/494984/100/0/threadedhttp://www.securityfocus.com/bid/30463http://www.securityfocus.com/bid/30464http://www.securitytracker.com/id?1020587http://www.securitytracker.com/id?1020588http://www.vupen.com/english/advisories/2008/2263/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/44123https://exchange.xforce.ibmcloud.com/vulnerabilities/44124http://secunia.com/advisories/25813http://secunia.com/secunia_research/2007-61/advisory/http://secunia.com/secunia_research/2007-64/advisory/http://www.securityfocus.com/archive/1/494975/100/0/threadedhttp://www.securityfocus.com/archive/1/494984/100/0/threadedhttp://www.securityfocus.com/bid/30463http://www.securityfocus.com/bid/30464http://www.securitytracker.com/id?1020587http://www.securitytracker.com/id?1020588http://www.vupen.com/english/advisories/2008/2263/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/44123https://exchange.xforce.ibmcloud.com/vulnerabilities/44124
2008-08-01
Published