What is the severity of CVE-2007-5580?

CVE-2007-5580 is classified as a high severity vulnerability due to its potential for remote code execution.

How do I fix CVE-2007-5580?

To mitigate CVE-2007-5580, upgrade to Cisco Security Agent versions 4.5.1.672, 5.0.0.225, 5.1.0.106, or 5.2.0.238 or later.

Which versions of Cisco Security Agent are affected by CVE-2007-5580?

CVE-2007-5580 affects Cisco Security Agent versions prior to 4.5.1.672, 5.0.0.225, 5.1.0.106, and 5.2.0.238.

What type of attack does CVE-2007-5580 involve?

CVE-2007-5580 involves a buffer overflow attack that can be triggered via a crafted SMB packet.

Where does CVE-2007-5580 occur within the system?

CVE-2007-5580 occurs in a certain driver of Cisco Security Agent running on Windows systems.

Vulnerability/
CVE-2007-5580

critical

CWE

119

15/12/2007

7/8/2024

CVE-2007-5580: Buffer Overflow

First published: Sat Dec 15 2007(Updated: )

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Security Agent	=4.5.1.639
Cisco Security Agent	=4.5.1
Cisco Security Agent	=5.1
Cisco Security Agent	=4.5.1.659
Cisco Security Agent	=5.0.193
Cisco Security Agent	=4.0.3.728
Cisco Security Agent	=5.0
Cisco Security Agent	=4.0.3
Cisco Security Agent	=5.0.0.201
Cisco Security Agent	=5.2
Cisco Security Agent	=4.0.2
Cisco Security Agent	=3
Cisco Security Agent	=4.0
Cisco Security Agent	=4.5.1.657
Cisco Security Agent	=4.5
Cisco Security Agent	=2.1
Cisco Security Agent	=4.0.1
Cisco Security Agent	=5.1.79

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-5580?
CVE-2007-5580 is classified as a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2007-5580?
To mitigate CVE-2007-5580, upgrade to Cisco Security Agent versions 4.5.1.672, 5.0.0.225, 5.1.0.106, or 5.2.0.238 or later.
Which versions of Cisco Security Agent are affected by CVE-2007-5580?
CVE-2007-5580 affects Cisco Security Agent versions prior to 4.5.1.672, 5.0.0.225, 5.1.0.106, and 5.2.0.238.
What type of attack does CVE-2007-5580 involve?
CVE-2007-5580 involves a buffer overflow attack that can be triggered via a crafted SMB packet.
Where does CVE-2007-5580 occur within the system?
CVE-2007-5580 occurs in a certain driver of Cisco Security Agent running on Windows systems.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/weakness
agent/severity
agent/first-publish-date
agent/tags
agent/event
agent/description
agent/source
vendor/cisco
canonical/cisco security agent
version/cisco security agent/4.5.1.639
version/cisco security agent/4.5.1
version/cisco security agent/5.1
version/cisco security agent/4.5.1.659
version/cisco security agent/5.0.193
version/cisco security agent/4.0.3.728
version/cisco security agent/5.0
version/cisco security agent/4.0.3
version/cisco security agent/5.0.0.201
version/cisco security agent/5.2
version/cisco security agent/4.0.2
version/cisco security agent/3
version/cisco security agent/4.0
version/cisco security agent/4.5.1.657
version/cisco security agent/4.5
version/cisco security agent/2.1
version/cisco security agent/4.0.1
version/cisco security agent/5.1.79