CVE-2007-2688

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.

Published: May 16, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-2688
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / ips_sensor_software	5.1(1e)	5.1(1e).x
cisco / ips_sensor_software	5.0(1)	5.0(1).x
cisco / ips_sensor_software	5.0(2)	5.0(2).x
cisco / ips_sensor_software	5.0(6)p1	5.0(6)p1.x
cisco / ips_sensor_software	5.1(p1)	5.1(p1).x
cisco / ips_sensor_software	4.0	4.0.x
cisco / ips_sensor_software	5.1(1)	5.1(1).x
cisco / ips_sensor_software	5.1(1b)	5.1(1b).x
cisco / ips_sensor_software	5.1(1d)	5.1(1d).x
cisco / ips_sensor_software	5.1(1a)	5.1(1a).x
cisco / ips_sensor_software	5.1(1c)	5.1(1c).x
cisco / ios	10.0	10.0.x
cisco / ios	12.0st	12.0st.x
cisco / ios	12.1e	12.1e.x
cisco / ios	12.1t	12.1t.x
cisco / ios	12.2t	12.2t.x
cisco / ios	11.1cc	11.1cc.x
cisco / ios	12.0t	12.0t.x
cisco / ios	11.3	11.3.x
cisco / ios	12.1	12.1.x
cisco / ios	12.0s	12.0s.x
cisco / ios	12.2	12.2.x
cisco / ios	12.0	12.0.x

Vulnerability Database

289,784

CVE-2007-2688