Vulnerability Details CVE-2007-0962
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.4%
CVSS Severity
CVSS v2 Score 7.8
References
- http://osvdb.org/33055
- http://secunia.com/advisories/24160
- http://secunia.com/advisories/24180
- http://securitytracker.com/id?1017651
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml
- http://www.securityfocus.com/bid/22561
- http://www.securityfocus.com/bid/22562
- http://www.securitytracker.com/id?1017652
- http://www.vupen.com/english/advisories/2007/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32486
- http://osvdb.org/33055
- http://secunia.com/advisories/24160
- http://secunia.com/advisories/24180
- http://securitytracker.com/id?1017651
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml
- http://www.securityfocus.com/bid/22561
- http://www.securityfocus.com/bid/22562
- http://www.securitytracker.com/id?1017652
- http://www.vupen.com/english/advisories/2007/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32486
Products affected by CVE-2007-0962
-
cpe:2.3:h:cisco:asa_5500:7.0
-
cpe:2.3:h:cisco:asa_5500:7.1
-
cpe:2.3:h:cisco:firewall_services_module:2.3
-
cpe:2.3:h:cisco:firewall_services_module:3.1
-
cpe:2.3:o:cisco:pix_firewall_software:7.0
-
cpe:2.3:o:cisco:pix_firewall_software:7.1