cvelistv5 - cve-2007-3771

cve-2007-3771

Vulnerability from cvelistv5

Published

2007-07-15 22:00

Modified

2024-08-07 14:28

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/36115
cve@mitre.org	http://secunia.com/advisories/26036	Patch, Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
cve@mitre.org	http://securitytracker.com/id?1018367
cve@mitre.org	http://securitytracker.com/id?1018371
cve@mitre.org	http://www.securityfocus.com/bid/24802
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2506
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35354
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/36115
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26036	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018367
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018371
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24802
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2506
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35354

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:28:52.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1018371",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018371"
          },
          {
            "name": "26036",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26036"
          },
          {
            "name": "1018367",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018367"
          },
          {
            "name": "symantec-antivirus-emailautoprotect-bo(35354)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
          },
          {
            "name": "ADV-2007-2506",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2506"
          },
          {
            "name": "24802",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24802"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
          },
          {
            "name": "36115",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36115"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1018371",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018371"
        },
        {
          "name": "26036",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26036"
        },
        {
          "name": "1018367",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018367"
        },
        {
          "name": "symantec-antivirus-emailautoprotect-bo(35354)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
        },
        {
          "name": "ADV-2007-2506",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2506"
        },
        {
          "name": "24802",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24802"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
        },
        {
          "name": "36115",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36115"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3771",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1018371",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018371"
            },
            {
              "name": "26036",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26036"
            },
            {
              "name": "1018367",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018367"
            },
            {
              "name": "symantec-antivirus-emailautoprotect-bo(35354)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
            },
            {
              "name": "ADV-2007-2506",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2506"
            },
            {
              "name": "24802",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24802"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
            },
            {
              "name": "36115",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36115"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3771",
    "datePublished": "2007-07-15T22:00:00",
    "dateReserved": "2007-07-15T00:00:00",
    "dateUpdated": "2024-08-07T14:28:52.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3771\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-07-15T22:30:00.000\",\"lastModified\":\"2024-11-21T00:34:01.600\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en la caracter\u00edstica Internet E-mail Auto-Protect de Symantec AntiVirus Corporate Edition anterior a 10.1, y Client Security anterior a 3.1, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) mediante cabeceras (1) To, (2) From, o (3) Subject largas en un mensaje de correo electr\u00f3nico SMTP saliente. NOTA: la notificaci\u00f3n original del fabricante hac\u00eda referencia a CVE-2006-3456, lo cual fue un error.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:N/I:N/A:C\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.1,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDD0E02-306D-4675-B73A-2C2F619CDDCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"844A6963-F60C-4D48-8445-9056C99201D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2852548A-39A6-44FB-A73E-96507BA0CD8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17862D7F-7001-46B8-A415-2A15A247E9BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E651C9BE-201B-4DDC-A650-F9269531290C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56EA0BAC-ED6D-45D2-995C-18B828906E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63B1A9FC-707C-4F6F-959B-30B28E43D202\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87E4E013-A819-42E0-8F8E-9B2D409F900E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"097B87A8-8176-4426-BDE4-6FDDD272E1B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2FC1708-B643-4489-A59C-EBDAFD9B0078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE714705-CEE9-4BA1-8573-FD3765BC7F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"D9E85FD6-9E89-4497-854C-60A20639CE52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"91F70069-D0F2-41D8-862F-2162CE12D49F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"2860637E-6FA5-445A-86B5-E9F2D2D7DD37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"018D1F3B-BAFC-461E-B833-9E0F98A6533D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4B9AED5E-2D66-4EB2-95CC-158D909AAE6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"5696AC09-E8BB-4060-9A81-EA2B190B850A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"C18E6605-5F86-4957-AE16-80F59F40110E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"56D54011-9B09-4C63-8301-609C03E51099\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"A10DA055-1F24-4AFD-A688-58D1DB4FB64A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"CAC5389A-8B18-40C4-A3E0-E50B6AA724FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"C86261D8-47C4-4476-925E-71E961A5242A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"7544F4F3-D3A8-4814-9727-6077542FC404\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"88090CD5-A324-4A41-A55E-9381FBC14B62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"78E79E4D-E93B-4C6C-92EE-1E33EE1AEB55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"F6E6EC72-9B83-4685-B48E-25E4211EC280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"A7F0C0E9-9665-452E-A382-04656F2009AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"6A220194-CCB1-41F6-9CB0-A79C2E5E36FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4D3CBEF5-25C6-41E8-97A3-2AA43134E619\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/36115\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/26036\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018367\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018371\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24802\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2506\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35354\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/36115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/26036\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24802\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35354\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2007-3771

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-3771

Aliases

CVE-2007-3771

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3771",
    "description": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.",
    "id": "GSD-2007-3771"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3771"
      ],
      "details": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.",
      "id": "GSD-2007-3771",
      "modified": "2023-12-13T01:21:42.056191Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3771",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1018371",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018371"
          },
          {
            "name": "26036",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26036"
          },
          {
            "name": "1018367",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018367"
          },
          {
            "name": "symantec-antivirus-emailautoprotect-bo(35354)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
          },
          {
            "name": "ADV-2007-2506",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2506"
          },
          {
            "name": "24802",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24802"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
          },
          {
            "name": "36115",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/36115"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3771"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24802",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/24802"
            },
            {
              "name": "1018367",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018367"
            },
            {
              "name": "1018371",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018371"
            },
            {
              "name": "26036",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/26036"
            },
            {
              "name": "36115",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/36115"
            },
            {
              "name": "ADV-2007-2506",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/2506"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
            },
            {
              "name": "symantec-antivirus-emailautoprotect-bo(35354)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.1,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-29T01:32Z",
      "publishedDate": "2007-07-15T22:30Z"
    }
  }
}

Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message. NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error. This issue occurs because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to cause denial-of-service conditions.

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.

The vulnerability is caused due to an error within the Internet Email Auto-Protect feature when scanning outgoing email messages. This can be exploited to cause a stack overflow via an email message containing an overly long (greater than 951 characters) string in the "To:", "From:", or "Subject" fields.

Successful exploitation crashes the Internet E-mail real-time protection service and results in subsequent outgoing SMTP email messages not being scanned.

ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200707-0297",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.0.1.1007"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.1.1000"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.2.1000"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.3.1000"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.4"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.5.1100"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.5"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.2"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2021"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2011"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2002"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.1.1000"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2010"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "3.0.2"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2011"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2020"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.0.338"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.1.1007"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2002"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "3.0.1.1009"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.1.1.1000"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2001"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.1.1000"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0.2.2021"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "client security",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "norton antivirus",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "corporate edition 10.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2020"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2010"
      },
      {
        "model": "client security build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.51100"
      },
      {
        "model": "client security mr4 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.41000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.4"
      },
      {
        "model": "client security mr3 b9.0.3.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.3"
      },
      {
        "model": "client security mr2 b9.0.2.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.2"
      },
      {
        "model": "client security mr1 b9.0.1.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.1"
      },
      {
        "model": "client security stm build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.09.0.0.338"
      },
      {
        "model": "client security (scf",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.07.1)"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1008"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.0.359"
      },
      {
        "model": "client security mr6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.6"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:symantec:client_security",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:symantec:norton_antivirus",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jordi Corrales is credited with discovering this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2007-3771",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.1,
            "id": "CVE-2007-3771",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.1,
            "id": "VHN-27133",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:S/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-3771",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-3771",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200707-250",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-27133",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error. This issue occurs because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. \nAn attacker can exploit this issue to cause denial-of-service conditions. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\nThe vulnerability is caused due to an error within the Internet Email\nAuto-Protect feature when scanning outgoing email messages. This can\nbe exploited to cause a stack overflow via an email message\ncontaining an overly long (greater than 951 characters) string in the\n\"To:\", \"From:\", or \"Subject\" fields. \n\nSuccessful exploitation crashes the Internet E-mail real-time\nprotection service and results in subsequent outgoing SMTP email\nmessages not being scanned. \n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "db": "PACKETSTORM",
        "id": "57687"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-3771",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "24802",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "26036",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1018371",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1018367",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-2506",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "36115",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "35354",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-27133",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "57687",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "db": "PACKETSTORM",
        "id": "57687"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "id": "VAR-200707-0297",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27133"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T21:49:02.322000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SYM07-016",
        "trust": 0.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2007.07.11b.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/24802"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/36115"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1018367"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1018371"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/26036"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/2506"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3771"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3771"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/35354"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/2506"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/avcenter/security/content/2007.07.11b.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/26036/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/network_software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "https://fileconnect.symantec.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3549/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6649/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3478/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5555/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "db": "PACKETSTORM",
        "id": "57687"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "db": "PACKETSTORM",
        "id": "57687"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-07-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "date": "2007-07-11T00:00:00",
        "db": "BID",
        "id": "24802"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "date": "2007-07-13T00:55:11",
        "db": "PACKETSTORM",
        "id": "57687"
      },
      {
        "date": "2007-07-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "date": "2007-07-15T22:30:00",
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-27133"
      },
      {
        "date": "2015-05-07T17:37:00",
        "db": "BID",
        "id": "24802"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      },
      {
        "date": "2007-07-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      },
      {
        "date": "2024-11-21T00:34:01.600000",
        "db": "NVD",
        "id": "CVE-2007-3771"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "24802"
      },
      {
        "db": "PACKETSTORM",
        "id": "57687"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec AntiVirus Corporate Edition and  Client Security Vulnerable to stack-based buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005857"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-250"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2007-3771

Vulnerability from fkie_nvd

Published

2007-07-15 22:30

Modified

2024-11-21 00:34

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/36115
cve@mitre.org	http://secunia.com/advisories/26036	Patch, Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
cve@mitre.org	http://securitytracker.com/id?1018367
cve@mitre.org	http://securitytracker.com/id?1018371
cve@mitre.org	http://www.securityfocus.com/bid/24802
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2506
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35354
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/36115
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26036	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018367
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018371
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24802
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2506
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35354

Impacted products

Vendor	Product	Version
symantec	client_security	2.0
symantec	client_security	3.0
symantec	client_security	3.0.1.1000
symantec	client_security	3.0.1.1007
symantec	client_security	3.0.1.1009
symantec	client_security	3.0.2
symantec	client_security	3.0.2.2000
symantec	client_security	3.0.2.2001
symantec	client_security	3.0.2.2002
symantec	client_security	3.0.2.2011
symantec	client_security	3.0.2.2021
symantec	norton_antivirus	9.0
symantec	norton_antivirus	9.0.0.338
symantec	norton_antivirus	9.0.1
symantec	norton_antivirus	9.0.1.1.1000
symantec	norton_antivirus	9.0.1.1000
symantec	norton_antivirus	9.0.2
symantec	norton_antivirus	9.0.2.1000
symantec	norton_antivirus	9.0.3.1000
symantec	norton_antivirus	9.0.4
symantec	norton_antivirus	9.0.5
symantec	norton_antivirus	9.0.5.1100
symantec	norton_antivirus	10.0
symantec	norton_antivirus	10.0.1.1000
symantec	norton_antivirus	10.0.1.1007
symantec	norton_antivirus	10.0.2.2000
symantec	norton_antivirus	10.0.2.2001
symantec	norton_antivirus	10.0.2.2002
symantec	norton_antivirus	10.0.2.2010
symantec	norton_antivirus	10.0.2.2011
symantec	norton_antivirus	10.0.2.2020
symantec	norton_antivirus	10.0.2.2021

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
              "matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
              "matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
              "matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "C86261D8-47C4-4476-925E-71E961A5242A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "7544F4F3-D3A8-4814-9727-6077542FC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "88090CD5-A324-4A41-A55E-9381FBC14B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "78E79E4D-E93B-4C6C-92EE-1E33EE1AEB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "F6E6EC72-9B83-4685-B48E-25E4211EC280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "A7F0C0E9-9665-452E-A382-04656F2009AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "6A220194-CCB1-41F6-9CB0-A79C2E5E36FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4D3CBEF5-25C6-41E8-97A3-2AA43134E619",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la caracter\u00edstica Internet E-mail Auto-Protect de Symantec AntiVirus Corporate Edition anterior a 10.1, y Client Security anterior a 3.1, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) mediante cabeceras (1) To, (2) From, o (3) Subject largas en un mensaje de correo electr\u00f3nico SMTP saliente. NOTA: la notificaci\u00f3n original del fabricante hac\u00eda referencia a CVE-2006-3456, lo cual fue un error."
    }
  ],
  "id": "CVE-2007-3771",
  "lastModified": "2024-11-21T00:34:01.600",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-07-15T22:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/36115"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26036"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018367"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018371"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24802"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/36115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-f844-8gxq-37w7

Vulnerability from github

Published

2022-05-01 18:16

Modified

2022-05-01 18:16

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3771"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-07-15T22:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.",
  "id": "GHSA-f844-8gxq-37w7",
  "modified": "2022-05-01T18:16:57Z",
  "published": "2022-05-01T18:16:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3771"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/36115"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26036"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018367"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018371"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24802"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2007-3771

Vulnerability from cvelistv5

gsd-2007-3771

Vulnerability from gsd

var-200707-0297

Vulnerability from variot

fkie_cve-2007-3771

Vulnerability from fkie_nvd

ghsa-f844-8gxq-37w7

Vulnerability from github

Tags

Sightings

Nomenclature