CVE-2007-3021
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export.
Symantec Reporting Server 1.0.197.0, y otras versiones anteriores a 1.0.224.0, como se usan en Symantec Client Security 3.1 y posteriores, y Symantec AntiVirus Corporate Edition (SAV CE) 10.1 y posteriores, no inicializa una variable crítica, lo cual permite a los atacantes crear archivos ejecutables de su elección mediante manipulaciones desconocidas de un archivo que se crea durante la exportación de datos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-06-04 CVE Reserved
- 2007-06-05 CVE Published
- 2024-05-16 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/36109 | Vdb Entry | |
| http://secunia.com/advisories/25543 | Third Party Advisory | |
| http://www.securityfocus.com/bid/24313 | Vdb Entry | |
| http://www.securitytracker.com/id?1018196 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2074 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34744 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.symantec.com/avcenter/security/Content/2007.06.05a.html | 2017-07-29 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1 Search vendor "Symantec" for product "Client Security" and version "3.1" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.394 Search vendor "Symantec" for product "Client Security" and version "3.1.394" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.396 Search vendor "Symantec" for product "Client Security" and version "3.1.396" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.400 Search vendor "Symantec" for product "Client Security" and version "3.1.400" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.401 Search vendor "Symantec" for product "Client Security" and version "3.1.401" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 10.0.2.2021 Search vendor "Symantec" for product "Norton Antivirus" and version "10.0.2.2021" | corporate |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 10.1 Search vendor "Symantec" for product "Norton Antivirus" and version "10.1" | corporate |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 10.1.396 Search vendor "Symantec" for product "Norton Antivirus" and version "10.1.396" | corporate |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 10.1.400 Search vendor "Symantec" for product "Norton Antivirus" and version "10.1.400" | corporate |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 10.1.401 Search vendor "Symantec" for product "Norton Antivirus" and version "10.1.401" | corporate |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Reporting Server Search vendor "Symantec" for product "Reporting Server" | <= 1.0.197.0 Search vendor "Symantec" for product "Reporting Server" and version " <= 1.0.197.0" | - |
Affected
| ||||||