CVE-2007-0447

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2007-0447
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.zerodayinitiative.com/advisories/ZDI-07-040.html
http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html Patch
http://www.securityfocus.com/bid/24282
http://secunia.com/advisories/26053 Vendor Advisory
http://www.vupen.com/english/advisories/2007/2508
http://osvdb.org/36118
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:caching:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:clearswift:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:*:*:corporate_edition_for_linux:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:messaging:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.6_build_97:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build461:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.6.3:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build459:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.0.359:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:microsoft_sharepoint:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:5.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:network_attached_storage:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4:mr4_mp1_build4010:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:build456:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:build463:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.0.204:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:network_attached_storage:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:11.0:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:*:premier:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5.4.743:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:build741:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.74:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:11.0.9:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:web_security:2.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:build743:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0.1:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:build465:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5_build_736:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.70:*:*:*:*:*:*:*
cpe:2.3:a:symantec:symantec_antivirus_filtering_\+for_domino:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0.1.70:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build458:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:web_security:5.0:*:microsoft_isa_2004:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:6.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.8.29:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.72:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.6.1.107:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.4:mr4_build_1000:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:11.0:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:6.0.0:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate_edition:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:11.0.9:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5_build_741:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:build736:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.0.1.76:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*
cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security_5000_series:3.0.1:*:*:*:*:*:*:*
Information

Published : 2007-10-05 14:17

Updated : 2012-10-30 19:28

NVD link : CVE-2007-0447

Mitre link : CVE-2007-0447

JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa
Products Affected

symantec

  • brightmail_antispam
  • antivirus_scan_engine
  • norton_personal_firewall
  • norton_internet_security
  • norton_system_works
  • mail_security_8820_appliance
  • gateway_security_5400
  • norton_antivirus
  • client_security
  • symantec_antivirus_filtering_\+for_domino
  • gateway_security_5000_series
  • mail_security
  • web_security