NVD

Id
53850  
Name
CVE-2007-1666  
Description
The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-03-24  
Modified Date
2011-06-20  
Seq
2007-1666  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
272985 53850 CVE-2007-1666 20070323 DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability  View
272986 53850 CVE-2007-1666 http://www.datarescue.com/freefiles/ida_remdeb_fix_22032007.zip  View
272987 53850 CVE-2007-1666 23114  View
272988 53850 CVE-2007-1666 1017815  View
272989 53850 CVE-2007-1666 ADV-2007-1089  View
272990 53850 CVE-2007-1666 idapro-processorrequest-code-execution(33190)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53049 JVNDB-2007-001741 DataRescue IDA Pro 用のデバッグサーバの processor_request 関数における不正な操作を実行される脆弱性 DataRescue IDA Pro 用のデバッグサーバの processor_request 関数は、perform_request 関数呼び出し前に発生する認証を検証しないため、不正な操作を実行される脆弱性が存在します。 CVE-2007-1666 25021 CVE-2007-1666 53850 10 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001741.html 2007-03-24 2012-06-26 View