CVE-2007-2687 - Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies

CVE-2007-2687

Summary

Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan before 9.0.718.1 allows remote attackers to execute arbitrary code via a long command. The vendor has addressed this issue with the following product update: http://www.mwti.net/support/microworld_support.asp

References

Vulnerable Configurations

cpe:2.3:a:microworld_technologies:escan:9.0.715.1:*:*:*:*:*:*:*
cpe:2.3:a:microworld_technologies:escan:9.0.715.1:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 16-10-2018 - 16:45)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	24112
bugtraq	20070523 Secunia Research: eScan Products Agent Service Command DecryptionBuffer Overflow
misc	http://secunia.com/secunia_research/2007-54/advisory/
osvdb	36580
secunia	25136
vupen	ADV-2007-1917
xf	escan-mwagent-bo(34457)

Last major update

16-10-2018 - 16:45

Published

24-05-2007 - 02:30

Last modified

16-10-2018 - 16:45