Vulnerability Details CVE-2007-1168
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477
- http://secunia.com/advisories/24264
- http://securitytracker.com/id?1017685
- http://www.securityfocus.com/bid/22662
- http://www.trendmicro.com/download/product.asp?productid=20
- http://www.vupen.com/english/advisories/2007/0691
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477
- http://secunia.com/advisories/24264
- http://securitytracker.com/id?1017685
- http://www.securityfocus.com/bid/22662
- http://www.trendmicro.com/download/product.asp?productid=20
- http://www.vupen.com/english/advisories/2007/0691
Products affected by CVE-2007-1168
-
cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16
-
cpe:2.3:a:trend_micro:serverprotect:1.3
-
cpe:2.3:a:trend_micro:serverprotect:2.5