CVE-2007-2957

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow.

Published: Oct 31, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-2957
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
mcafee / e-business_server	-	8.1.1.x
mcafee / e-business_server	-	8.5.2.x

http://secunia.com/advisories/26372
http://secunia.com/secunia_research/2007-69/advisory/
http://securitytracker.com/id?1018878
http://www.securityfocus.com/bid/26269
http://www.vupen.com/english/advisories/2007/3663
https://exchange.xforce.ibmcloud.com/vulnerabilities/38175
https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=614035&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=614035

Vulnerability Database

289,697

CVE-2007-2957