CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-4991

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.475

EPSS Ranking 97.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://osvdb.org/45906
http://www.securityfocus.com/bid/25753
http://www.securitytracker.com/id?1018727
http://www.zerodayinitiative.com/advisories/ZDI-07-053.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/36715
http://osvdb.org/45906
http://www.securityfocus.com/bid/25753
http://www.securitytracker.com/id?1018727
http://www.zerodayinitiative.com/advisories/ZDI-07-053.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/36715

Products affected by CVE-2007-4991

Microsoft » Isa Server » Version: 2004

cpe:2.3:a:microsoft:isa_server:2004

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4991

Products

Pricing

Contact Us