Back to CVE Browser

CVE-2007-2059

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1910%

EPSS Percentile29.06th

PublishedApr 18, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 allow remote attackers to execute arbitrary code via a long parameter to the (1) DELETESEARCHFOLDER, (2) DELTASK, (3) HMGR_CHECKHOSTSCSV, (4) TASKUPDATEDUSER, (5) VERIFYUSERKEY, or (6) VERIFYPWD command.

Affected Platforms (CPE)

📦

Eiqnetworks

Enterprise Security Analyzer

= 2.5

References & Advisories

🔗 http://secunia.com/advisories/24881

🔗 http://www.infigo.hr/en/in_focus/advisories/INFIGO-2007-04-05

🔗 http://www.securityfocus.com/archive/1/465488/100/0/threaded

🔗 http://www.vupen.com/english/advisories/2007/1380

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33646

🔗 http://secunia.com/advisories/24881

🔗 http://www.infigo.hr/en/in_focus/advisories/INFIGO-2007-04-05

🔗 http://www.securityfocus.com/archive/1/465488/100/0/threaded

Related Vulnerabilities

CVE-2006-383810.0

Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products includin...

CVE-2007-56996.8

Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary cod...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...