CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2137

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile6.94th
Published2007年4月22日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.

Affected Platforms (CPE)

📦
Ibm

Tivoli Monitoring Express

= 6.1.0

References & Advisories

🔗 http://secunia.com/advisories/24938
🔗 http://securityreason.com/securityalert/2597
🔗 http://www-1.ibm.com/support/docview.wss?uid=swg24012341
🔗 http://www.securityfocus.com/archive/1/466216/100/0/threaded
🔗 http://www.securityfocus.com/bid/23558
🔗 http://www.securitytracker.com/id?1017933
🔗 http://www.vupen.com/english/advisories/2007/1456
🔗 http://www.zerodayinitiative.com/advisories/ZDI-07-018.html

関連する脆弱性情報

CVE-2011-40616.9

Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM ...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...