CVE-2007-5548

Published: Oct 18, 2007Modified: Apr 23, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Affected (1)

Products: Cisco: Ios

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

http://osvdb.org/45360

Source: cve@mitre.org

http://osvdb.org/45361

Source: cve@mitre.org

http://www.irmplc.com/index.php/111-Vendor-Alerts

Source: cve@mitre.org

http://osvdb.org/45360

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/45361

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.irmplc.com/index.php/111-Vendor-Alerts

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.