Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability

cisco-sa-20071205-csa · Critical · Published · Updated

A buffer overflow vulnerability exists in a system driver used by the Cisco Security Agent for Microsoft Windows. This buffer overflow can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution. The vulnerability is triggered during processing of a crafted TCP segment destined to TCP port 139 or 445. These ports are used by the Microsoft Server Message Block (SMB) protocol. Cisco has released software updates that address this vulnerability. Common Vulnerabilities and Exposures (CVE) identifier CVE-2007-5580 has been assigned to this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20071205-csa.

Cisco advisory · CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2007-5580, CVE-2007-5582
Cisco Bug IDsNA
CVSS ScoreBase 10.0
Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco Intelligent Contact Manager (ICM), Cisco Unity, Cisco Emergency Responder, Cisco Conference Connection, Cisco Personal Assistant, Cisco Internet Service Node (ISN), Cisco Unified Contact Center, Cisco Security Agent, Cisco Unified MeetingPlace, Cisco Unified Customer Voice Portal (CVP), Cisco Unified IP IVR, Cisco IP Queue Manager, Cisco Unity Bridge, Cisco Unity Connection, Cisco Unified Communications Manager

Related Products

Product CVE Evidence
Cisco Unity Connection CVE-2007-5582 Cisco OpenVuln
Cisco Unity Connection CVE-2007-5580 Cisco OpenVuln
Cisco Unity Bridge CVE-2007-5582 Cisco OpenVuln
Cisco Unity Bridge CVE-2007-5580 Cisco OpenVuln
Cisco Unity CVE-2007-5582 Cisco OpenVuln
Cisco Unity CVE-2007-5580 Cisco OpenVuln
Cisco Unified MeetingPlace CVE-2007-5582 Cisco OpenVuln
Cisco Unified MeetingPlace CVE-2007-5580 Cisco OpenVuln
Cisco Unified IP IVR CVE-2007-5582 Cisco OpenVuln
Cisco Unified IP IVR CVE-2007-5580 Cisco OpenVuln
Cisco Unified Customer Voice Portal (CVP) CVE-2007-5582 Cisco OpenVuln
Cisco Unified Customer Voice Portal (CVP) CVE-2007-5580 Cisco OpenVuln
Cisco Unified Contact Center CVE-2007-5582 Cisco OpenVuln
Cisco Unified Contact Center CVE-2007-5580 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2007-5582 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2007-5580 Cisco OpenVuln
Cisco Security Agent CVE-2007-5582 Cisco OpenVuln
Cisco Security Agent CVE-2007-5580 Cisco OpenVuln
Cisco Personal Assistant CVE-2007-5582 Cisco OpenVuln
Cisco Personal Assistant CVE-2007-5580 Cisco OpenVuln
Cisco Internet Service Node (ISN) CVE-2007-5582 Cisco OpenVuln
Cisco Internet Service Node (ISN) CVE-2007-5580 Cisco OpenVuln
Cisco Intelligent Contact Manager (ICM) CVE-2007-5582 Cisco OpenVuln
Cisco Intelligent Contact Manager (ICM) CVE-2007-5580 Cisco OpenVuln
Cisco IP Queue Manager CVE-2007-5582 Cisco OpenVuln
Cisco IP Queue Manager CVE-2007-5580 Cisco OpenVuln
Cisco Emergency Responder CVE-2007-5582 Cisco OpenVuln
Cisco Emergency Responder CVE-2007-5580 Cisco OpenVuln
Cisco Conference Connection CVE-2007-5582 Cisco OpenVuln
Cisco Conference Connection CVE-2007-5580 Cisco OpenVuln