返回 CVE 瀏覽器

CVE-2007-2137

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0290%

EPSS Percentile6.94th

Published2007年4月22日

Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.

Affected Platforms (CPE)

📦

Ibm

Tivoli Monitoring Express

= 6.1.0

References & Advisories

🔗 http://secunia.com/advisories/24938

🔗 http://securityreason.com/securityalert/2597

🔗 http://www-1.ibm.com/support/docview.wss?uid=swg24012341

🔗 http://www.securityfocus.com/archive/1/466216/100/0/threaded

🔗 http://www.securityfocus.com/bid/23558

🔗 http://www.securitytracker.com/id?1017933

🔗 http://www.vupen.com/english/advisories/2007/1456

🔗 http://www.zerodayinitiative.com/advisories/ZDI-07-018.html

相關漏洞威脅

CVE-2011-40616.9

Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM ...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...