fkie_nvd - fkie_cve-2007-3771

fkie_cve-2007-3771

Vulnerability from fkie_nvd

Published

2007-07-15 22:30

Modified

2025-04-09 00:30

Severity ?

Summary

Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message. NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.

References

URL	Tags
cve@mitre.org	http://osvdb.org/36115
cve@mitre.org	http://secunia.com/advisories/26036	Patch, Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
cve@mitre.org	http://securitytracker.com/id?1018367
cve@mitre.org	http://securitytracker.com/id?1018371
cve@mitre.org	http://www.securityfocus.com/bid/24802
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2506
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35354
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/36115
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26036	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018367
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018371
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24802
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2506
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35354

Impacted products

Vendor	Product	Version
symantec	client_security	2.0
symantec	client_security	3.0
symantec	client_security	3.0.1.1000
symantec	client_security	3.0.1.1007
symantec	client_security	3.0.1.1009
symantec	client_security	3.0.2
symantec	client_security	3.0.2.2000
symantec	client_security	3.0.2.2001
symantec	client_security	3.0.2.2002
symantec	client_security	3.0.2.2011
symantec	client_security	3.0.2.2021
symantec	norton_antivirus	9.0
symantec	norton_antivirus	9.0.0.338
symantec	norton_antivirus	9.0.1
symantec	norton_antivirus	9.0.1.1.1000
symantec	norton_antivirus	9.0.1.1000
symantec	norton_antivirus	9.0.2
symantec	norton_antivirus	9.0.2.1000
symantec	norton_antivirus	9.0.3.1000
symantec	norton_antivirus	9.0.4
symantec	norton_antivirus	9.0.5
symantec	norton_antivirus	9.0.5.1100
symantec	norton_antivirus	10.0
symantec	norton_antivirus	10.0.1.1000
symantec	norton_antivirus	10.0.1.1007
symantec	norton_antivirus	10.0.2.2000
symantec	norton_antivirus	10.0.2.2001
symantec	norton_antivirus	10.0.2.2002
symantec	norton_antivirus	10.0.2.2010
symantec	norton_antivirus	10.0.2.2011
symantec	norton_antivirus	10.0.2.2020
symantec	norton_antivirus	10.0.2.2021

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
              "matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
              "matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
              "matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "C86261D8-47C4-4476-925E-71E961A5242A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "7544F4F3-D3A8-4814-9727-6077542FC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "88090CD5-A324-4A41-A55E-9381FBC14B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "78E79E4D-E93B-4C6C-92EE-1E33EE1AEB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "F6E6EC72-9B83-4685-B48E-25E4211EC280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "A7F0C0E9-9665-452E-A382-04656F2009AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "6A220194-CCB1-41F6-9CB0-A79C2E5E36FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4D3CBEF5-25C6-41E8-97A3-2AA43134E619",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message.  NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la caracter\u00edstica Internet E-mail Auto-Protect de Symantec AntiVirus Corporate Edition anterior a 10.1, y Client Security anterior a 3.1, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) mediante cabeceras (1) To, (2) From, o (3) Subject largas en un mensaje de correo electr\u00f3nico SMTP saliente. NOTA: la notificaci\u00f3n original del fabricante hac\u00eda referencia a CVE-2006-3456, lo cual fue un error."
    }
  ],
  "id": "CVE-2007-3771",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-07-15T22:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/36115"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26036"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018367"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018371"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24802"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/36115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35354"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-3771 (GCVE-0-2007-3771)

Vulnerability from cvelistv5

Published

2007-07-15 22:00