CVE-2007-5580

Severity
10.0 CRITICAL
EPSS
16.5%
top 5.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Dec 15
Latest update: May 1

Description

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.

CVSS vector

AV:N/AC:L/C:C/I:C/A:C
Exploitability: 10.0 | Impact: 10.0

Affected Packages (1 package)

NVD: cisco/security_agent (18 versions)

Vulnerability Details

2
GHSA
GHSA-pvxg-g7h5-249r: Buffer overflow in a certain driver in Cisco Security Agent 4 | 2022-05-01
CVEList
CVE-2007-5580: Buffer overflow in a certain driver in Cisco Security Agent 4 | 2007-12-15

Vendor Advisories

1
Cisco
Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability | 2007-12-05
CVE-2007-5580 (CRITICAL CVSS 10) | Buffer overflow in a certain driver | cvebase.io