NVD

Id
54039  
Name
CVE-2007-1868  
Description
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-04-04  
Modified Date
2012-11-05  
Seq
2007-1868  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
274066 54039 CVE-2007-1868 20070331 IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities  View
274067 54039 CVE-2007-1868 http://www-1.ibm.com/support/docview.wss?uid=swg24015347  View
274068 54039 CVE-2007-1868 23264  View
274069 54039 CVE-2007-1868 1017840  View
274070 54039 CVE-2007-1868 ADV-2007-1199  View
274071 54039 CVE-2007-1868 tivoli-post-code-execution(33384)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
54945 JVNDB-2007-003637 IBM Tivoli Provisioning Manager for OS Deployment におけるサービス運用妨害 (DoS) の脆弱性 IBM Tivoli Provisioning Manager for OS Deployment の管理サービスは、HTTP POST リクエスト内の multipart/form-data を適切に処理しないため、任意のコードを実行される、またはサービス運用妨害 (デーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2007-1868 25223 CVE-2007-1868 54039 10 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003637.html 2007-04-04 2012-09-25 View