Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2007-2523

Published: 11/05/2007 Updated: 09/04/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Integrated Threat Management

Vulnerability Summary

CA Anti-Virus for the Enterprise r8 and Threat Manager r8 prior to 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll prior to 8.0.448.0.

Vulnerable Product Search on Vulmon Subscribe to Product

broadcom integrated threat management 8.0

ca anti-virus for the enterprise 8

Exploits

Exploit DB: CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution
source: wwwsecurityfocuscom/bid/23906/info Multiple products by Computer Associates are prone to multiple vulnerabilities that will allow remote attackers to execute arbitrary code on an affected computer Successful exploits will allow attacker-supplied arbitrary code to run within the context of the affected server Failed exploit atte ...

References

NVD-CWE-Otherhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=530http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asphttp://www.securityfocus.com/bid/23906http://blog.48bits.com/?p=103http://www.kb.cert.org/vuls/id/788416http://www.securitytracker.com/id?1018043http://secunia.com/advisories/25202http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.htmlhttp://www.osvdb.org/34586http://www.vupen.com/english/advisories/2007/1750http://www.securityfocus.com/archive/1/468306/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/30019/https://www.kb.cert.org/vuls/id/788416
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook