{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2137", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1017933", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017933" }, { "name": "ADV-2007-1456", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1456" }, { "name": "20070418 ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/466216/100/0/threaded" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-018.html" }, { "name": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341", "refsource": "MISC", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24012341" }, { "name": "tivoli-monitoring-multiple-bo(33746)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33746" }, { "name": "23558", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23558" }, { "name": "24938", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24938" }, { "name": "2597", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2597" } ] } }