CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2489

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile0.93th
Published2007年5月3日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 (5.00.062), allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a strncpy call.

Affected Platforms (CPE)

📦
Livedata

Protocol Server

<= 5.00.045

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=523
🔗 http://osvdb.org/35529
🔗 http://secunia.com/advisories/25076
🔗 http://www.kb.cert.org/vuls/id/213516
🔗 http://www.securityfocus.com/bid/23773
🔗 http://www.securitytracker.com/id?1017998
🔗 http://www.vupen.com/english/advisories/2007/1633
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/34031

関連する脆弱性情報

CVE-2002-135910.0

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause ...

CVE-2021-224810.0

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that...

CVE-2020-079610.0

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles cer...

CVE-2002-135710.0

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allo...