var-200706-0270
Vulnerability from variot
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export. Symantec System Center Reporting Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to execute malicious code on an affected server and gain the privileges of the user running the server. Successful attacks will compromise the application and possibly the underlying computer. SYM07-012 Symantec Reporting Server Elevation of Privilege
June 5, 2007
Risk Impact Medium
Remote Access: Yes Local Access: Yes Authentication Required: No Exploit available: No
Overview Files created by a Reporting Server may be accessible to an unauthorized user. The error occurred due to the improper initialization of a variable, and updates have been released to correct the problem. Individual client systems are not affected.
Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue. However, we recommend that customers update Reporting Server immediately to protect against possible attempts to exploit this issue.
- Ensure that the SCS Console and Reporting Server interface are never visible external to the network. This greatly reduces opportunities for unauthorized remote access.
- User accounts for Reporting Server should be unique, and different from the user\x92s network login account.
- Delete exported data files which are no longer needed.
Credit Symantec would like to thank Ertunga Arsal of Tech Data GmbH & Co. OHG for reporting this issue, and coordinating with us on the response.
CVE This issue is a candidate for inclusion in the Common Vulnerabilities and Exposures (CVE) list (http://cve.mitre.org), which standardizes names for security problems. The CVE initiative has assigned CVE-2007-3021 to this issue
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Symantec Product Security Team
Symantec takes the security and proper functionality of its products very seriously. As founding members of the Organization for Internet Safety (OISafety), Symantec follows the principles of responsible disclosure. Symantec also subscribes to the vulnerability guidelines outlined by the National Infrastructure Advisory Council (NIAC). Please contact secure@symantec.com if you feel you have discovered a potential or actual security issue with a Symantec product.
Copyright (c) 2007 by Symantec Corp.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060)
iQEVAwUBRmW5bf9Lqygkbb6BAQjVQQf7BjFMagCcjl+kkYiEEcphatUuDi1sDZ+h r2eRvO+8RbCzNoGWuBFiK9ExIhhQNRTDCkvceDcFFOBtKVv7wg/LGw935O8P7+PK lsdT+UEdCFqyUu+mteYARW4uQ9b17luDoxU2cEa6iZ9qS/6uzLEAkNQXo0Tm2PlT elYjlv5m13FSbAd+KfRh94XRguxrKZ/i8KxzsS8E0RvmADW+mjYbNv1rRT5C3AGr Kl7f3c07U4+DfISxDcAVjZwgK6lA42qLih8M2iC4P2bQJ1Ml3Uukxnt1EOLFBNo2 5UXMaAZ7lSK7l+ZIg1q57h5tsXOp9FQQaN7rSk2ObEvGoGheK3wiww== =CXAH -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.401"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.400"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.396"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.0.2.2021"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.1.401"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.1.400"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.1.396"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.1.394"
},
{
"model": "reporting server",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "1.0.197.0"
},
{
"model": "reporting server",
"scope": "eq",
"trust": 0.9,
"vendor": "symantec",
"version": "1.0.197.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "3.1 and later"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "corporate edition (sav ce) 10.1 and later"
},
{
"model": "reporting server",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "1.0.197.0 and 1.0.224.0"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.401"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.400"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.396"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.394"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1"
},
{
"model": "reporting server",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.224.0"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.6.6000"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.6.6000"
}
],
"sources": [
{
"db": "BID",
"id": "24313"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:symantec:client_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:norton_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:reporting_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ertunga Arsal",
"sources": [
{
"db": "PACKETSTORM",
"id": "57065"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
}
],
"trust": 0.7
},
"cve": "CVE-2007-3021",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2007-3021",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-26383",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3021",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-3021",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-048",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-26383",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26383"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export. Symantec System Center Reporting Server is prone to a remote privilege-escalation vulnerability. \nAttackers can exploit this issue to execute malicious code on an affected server and gain the privileges of the user running the server. Successful attacks will compromise the application and possibly the underlying computer. SYM07-012 Symantec Reporting Server Elevation of Privilege\n\nJune 5, 2007 \n\nRisk Impact\nMedium \n\nRemote Access: Yes\nLocal Access: Yes\nAuthentication Required: No\nExploit available: No\n\nOverview\nFiles created by a Reporting Server may be accessible to an unauthorized user. The error occurred due to the improper initialization of a variable, and updates have been released to correct the problem. Individual client systems are not affected. \n\nSymantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue. However, we recommend that customers update Reporting Server immediately to protect against possible attempts to exploit this issue. \n - Ensure that the SCS Console and Reporting Server interface are never visible external to the network. This greatly reduces opportunities for unauthorized remote access. \n- User accounts for Reporting Server should be unique, and different from the user\\x92s network login account. \n- Delete exported data files which are no longer needed. \n\n\nCredit\nSymantec would like to thank Ertunga Arsal of Tech Data GmbH \u0026 Co. OHG for reporting this issue, and coordinating with us on the response. \n\nCVE\nThis issue is a candidate for inclusion in the Common Vulnerabilities and Exposures (CVE) list (http://cve.mitre.org), which standardizes names for security problems. The CVE initiative has assigned CVE-2007-3021 to this issue\n\n\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nSymantec Product Security Team\n\n________________________________________\nSymantec takes the security and proper functionality of its products very\nseriously. As founding members of the \nOrganization for Internet Safety (OISafety), Symantec follows the\nprinciples of responsible disclosure. Symantec also \nsubscribes to the vulnerability guidelines outlined by the National\nInfrastructure Advisory Council (NIAC). Please contact \nsecure@symantec.com if you feel you have discovered a potential or actual\nsecurity issue with a Symantec product. \n________________________________________\nCopyright (c) 2007 by Symantec Corp. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.0.6 (Build 6060)\n\niQEVAwUBRmW5bf9Lqygkbb6BAQjVQQf7BjFMagCcjl+kkYiEEcphatUuDi1sDZ+h\nr2eRvO+8RbCzNoGWuBFiK9ExIhhQNRTDCkvceDcFFOBtKVv7wg/LGw935O8P7+PK\nlsdT+UEdCFqyUu+mteYARW4uQ9b17luDoxU2cEa6iZ9qS/6uzLEAkNQXo0Tm2PlT\nelYjlv5m13FSbAd+KfRh94XRguxrKZ/i8KxzsS8E0RvmADW+mjYbNv1rRT5C3AGr\nKl7f3c07U4+DfISxDcAVjZwgK6lA42qLih8M2iC4P2bQJ1Ml3Uukxnt1EOLFBNo2\n5UXMaAZ7lSK7l+ZIg1q57h5tsXOp9FQQaN7rSk2ObEvGoGheK3wiww==\n=CXAH\n-----END PGP SIGNATURE-----\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3021"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"db": "BID",
"id": "24313"
},
{
"db": "VULHUB",
"id": "VHN-26383"
},
{
"db": "PACKETSTORM",
"id": "57065"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26383",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26383"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3021",
"trust": 2.9
},
{
"db": "BID",
"id": "24313",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1018196",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25543",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2074",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "36109",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048",
"trust": 0.7
},
{
"db": "XF",
"id": "34744",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "57065",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-26383",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26383"
},
{
"db": "BID",
"id": "24313"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"db": "PACKETSTORM",
"id": "57065"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"id": "VAR-200706-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26383"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:36:13.732000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM07-012",
"trust": 0.8,
"url": "http://www.symantec.com/avcenter/security/Content/2007.06.05a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.symantec.com/avcenter/security/content/2007.06.05a.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/24313"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018196"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25543"
},
{
"trust": 1.1,
"url": "http://osvdb.org/36109"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2074"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34744"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3021"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3021"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34744"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2074"
},
{
"trust": 0.3,
"url": "https://fileconnect.symantec.com/licenselogin.jsp"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/470603"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3021"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26383"
},
{
"db": "BID",
"id": "24313"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"db": "PACKETSTORM",
"id": "57065"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-26383"
},
{
"db": "BID",
"id": "24313"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"db": "PACKETSTORM",
"id": "57065"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-05T00:00:00",
"db": "VULHUB",
"id": "VHN-26383"
},
{
"date": "2007-06-05T00:00:00",
"db": "BID",
"id": "24313"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"date": "2007-06-07T06:06:31",
"db": "PACKETSTORM",
"id": "57065"
},
{
"date": "2007-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"date": "2007-06-05T21:30:00",
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-26383"
},
{
"date": "2008-03-13T01:51:00",
"db": "BID",
"id": "24313"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-005636"
},
{
"date": "2007-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-048"
},
{
"date": "2024-11-21T00:32:12.873000",
"db": "NVD",
"id": "CVE-2007-3021"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Client Security and SAV CE Used in etc. Symantec Reporting Server Vulnerable to creating arbitrary executable files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-005636"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-048"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.