Vulnerabilities > CVE-2007-5552 - Numeric Errors vulnerability in Cisco IOS

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

cisco

CWE-189

critical

NVD

Published: 2007-10-18

Updated: 2008-09-05

Summary

Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS *	1

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

References

http://www.irmplc.com/index.php/111-Vendor-Alerts