CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1666

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1640%
EPSS Percentile31.97th
PublishedMar 24, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.

Affected Platforms (CPE)

πŸ“¦
Datarescue

Ida Pro

= 5.0
πŸ“¦
Datarescue

Ida Pro

= 5.1

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/
πŸ”— http://secunia.com/advisories/24635
πŸ”— http://www.datarescue.com/freefiles/ida_remdeb_fix_22032007.zip
πŸ”— http://www.osvdb.org/33523
πŸ”— http://www.securityfocus.com/bid/23114
πŸ”— http://www.securitytracker.com/id?1017815
πŸ”— http://www.vupen.com/english/advisories/2007/1089
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/33190

Related Vulnerabilities

CVE-2011-105010.0

Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string en...

CVE-2011-105110.0

Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors...

CVE-2011-105410.0

Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors.

CVE-2011-105210.0

Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related ...