CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-1666

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1640%
EPSS Percentile31.97th
Published2007年3月24日
Last Modified2026年4月23日

Vulnerability Description

The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.

Affected Platforms (CPE)

📦
Datarescue

Ida Pro

= 5.0
📦
Datarescue

Ida Pro

= 5.1

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/
🔗 http://secunia.com/advisories/24635
🔗 http://www.datarescue.com/freefiles/ida_remdeb_fix_22032007.zip
🔗 http://www.osvdb.org/33523
🔗 http://www.securityfocus.com/bid/23114
🔗 http://www.securitytracker.com/id?1017815
🔗 http://www.vupen.com/english/advisories/2007/1089
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33190

関連する脆弱性情報

CVE-2011-105010.0

Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string en...

CVE-2011-105110.0

Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors...

CVE-2011-105410.0

Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors.

CVE-2011-105210.0

Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related ...

CVE-2007-1666 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space