CVE-2007-3911: Buffer Overflow
First published: Mon Jul 30 2007(Updated: )
Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BakBone NetVault Reporter | <=3.5update3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.zerodayinitiative.com/advisories/ZDI-07-044.html
- http://www.securityfocus.com/bid/25068
- http://secunia.com/advisories/26222
- http://www.securitytracker.com/id?1018460
- http://securityreason.com/securityalert/2954
- http://www.vupen.com/english/advisories/2007/2658
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35588
- http://www.securityfocus.com/archive/1/474626/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/bakbone
- canonical/bakbone netvault reporter
- version/bakbone netvault reporter/3.5update3