Vulnerabilities > CVE-2007-2514 - Remote Buffer Overflow vulnerability in Multiple Vendor XFERWAN.EXE Filename

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
centennial
numara
symantec
critical

Summary

Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173. "This issue only affects systems running non-secure communications, which comprise a very small percentage of installations worldwide."

Vulnerable Configurations

Part Description Count
Application
Centennial
1
Application
Numara
1
Application
Symantec
1