CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2137

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile6.94th
PublishedApr 22, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.

Affected Platforms (CPE)

πŸ“¦
Ibm

Tivoli Monitoring Express

= 6.1.0

References & Advisories

πŸ”— http://secunia.com/advisories/24938
πŸ”— http://securityreason.com/securityalert/2597
πŸ”— http://www-1.ibm.com/support/docview.wss?uid=swg24012341
πŸ”— http://www.securityfocus.com/archive/1/466216/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/23558
πŸ”— http://www.securitytracker.com/id?1017933
πŸ”— http://www.vupen.com/english/advisories/2007/1456
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-07-018.html

Related Vulnerabilities

CVE-2011-40616.9

Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM ...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-023610.0

Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attacker...

CVE-2007-025410.0

Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code...