CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2007-0447

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
Publish Date : 2007-10-05 Last Update Date : 2012-10-30
Collapse All   Expand All   Select   Select&Copy  
Related Tweets   Even more tweets   Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

Cvss Score
9.3
Confidentiality Impact Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Execute CodeOverflow
CWE ID 119

- Products Affected By CVE-2007-0447

# Product Type Vendor Product Version Update Edition Language
1 Application Symantec Antivirus Scan Engine 4.0 Details Vulnerabilities
2 Application Symantec Antivirus Scan Engine 4.0 Clearswift Details Vulnerabilities
3 Application Symantec Antivirus Scan Engine 4.1 Details Vulnerabilities
4 Application Symantec Antivirus Scan Engine 4.1.8 Details Vulnerabilities
5 Application Symantec Antivirus Scan Engine 4.3 Caching Details Vulnerabilities
6 Application Symantec Antivirus Scan Engine 4.3 Details Vulnerabilities
7 Application Symantec Antivirus Scan Engine 4.3 Clearswift Details Vulnerabilities
8 Application Symantec Antivirus Scan Engine 4.3 Microsoft Sharepoint Details Vulnerabilities
9 Application Symantec Antivirus Scan Engine 4.3 Network Attached Storage Details Vulnerabilities
10 Application Symantec Antivirus Scan Engine 4.3.3 Details Vulnerabilities
11 Application Symantec Antivirus Scan Engine 4.3.7.27 Details Vulnerabilities
12 Application Symantec Antivirus Scan Engine 4.3.8.29 Details Vulnerabilities
13 Application Symantec Antivirus Scan Engine 4.3.12 Clearswift Details Vulnerabilities
14 Application Symantec Antivirus Scan Engine 4.3.12 Messaging Details Vulnerabilities
15 Application Symantec Antivirus Scan Engine 4.3.12 Microsoft Sharepoint Details Vulnerabilities
16 Application Symantec Antivirus Scan Engine 4.3.12 Network Attached Storage Details Vulnerabilities
17 Application Symantec Antivirus Scan Engine 4.3.12 Details Vulnerabilities
18 Application Symantec Antivirus Scan Engine 4.3.12 Caching Details Vulnerabilities
19 Application Symantec Antivirus Scan Engine 5.0 Details Vulnerabilities
20 Application Symantec Antivirus Scan Engine 5.0.1 Details Vulnerabilities
21 Application Symantec Brightmail Antispam 4.0 Details Vulnerabilities
22 Application Symantec Brightmail Antispam 5.5 Details Vulnerabilities
23 Application Symantec Brightmail Antispam 6.0 Details Vulnerabilities
24 Application Symantec Brightmail Antispam 6.0.1 Details Vulnerabilities
25 Application Symantec Brightmail Antispam 6.0.2 Details Vulnerabilities
26 Application Symantec Brightmail Antispam 6.0.3 Details Vulnerabilities
27 Application Symantec Brightmail Antispam 6.0.4 Details Vulnerabilities
28 Application Symantec Client Security 2.0 Scf 7.1 Details Vulnerabilities
29 Application Symantec Client Security 2.0 Build 9.0.0.338 STM Details Vulnerabilities
30 Application Symantec Client Security 2.0 Details Vulnerabilities
31 Application Symantec Client Security 2.0.1 Build 9.0.1.1000 MR1 Details Vulnerabilities
32 Application Symantec Client Security 2.0.2 Build 9.0.2.1000 MR2 Details Vulnerabilities
33 Application Symantec Client Security 2.0.3 Build 9.0.3.1000 MR3 Details Vulnerabilities
34 Application Symantec Client Security 2.0.4 Details Vulnerabilities
35 Application Symantec Client Security 2.0.4 Mr4 Build1000 Details Vulnerabilities
36 Application Symantec Client Security 2.0.5 Build 1100 Mp1 MR5 Details Vulnerabilities
37 Application Symantec Client Security 2.0.6 MR6 Details Vulnerabilities
38 Application Symantec Client Security 3.0 Details Vulnerabilities
39 Application Symantec Client Security 3.0.0.359 Details Vulnerabilities
40 Application Symantec Client Security 3.0.1.1000 Details Vulnerabilities
41 Application Symantec Client Security 3.0.1.1001 Details Vulnerabilities
42 Application Symantec Client Security 3.0.1.1007 Details Vulnerabilities
43 Application Symantec Client Security 3.0.1.1008 Details Vulnerabilities
44 Application Symantec Client Security 3.0.2.2000 Details Vulnerabilities
45 Application Symantec Client Security 3.0.2.2001 Details Vulnerabilities
46 Application Symantec Client Security 3.0.2.2002 Details Vulnerabilities
47 Application Symantec Client Security 3.0.2.2010 Details Vulnerabilities
48 Application Symantec Client Security 3.0.2.2011 Details Vulnerabilities
49 Application Symantec Client Security 3.0.2.2020 Details Vulnerabilities
50 Application Symantec Client Security 3.0.2.2021 Details Vulnerabilities
51 Application Symantec Client Security 3.1 Details Vulnerabilities
52 Application Symantec Client Security 3.1.394 Details Vulnerabilities
53 Application Symantec Client Security 3.1.396 Details Vulnerabilities
54 Application Symantec Client Security 3.1.400 Details Vulnerabilities
55 Application Symantec Client Security 3.1.401 Details Vulnerabilities
56 Hardware Symantec Gateway Security 5000 Series 3.0.1 Details Vulnerabilities
57 Hardware Symantec Gateway Security 5400 2.0.1 Details Vulnerabilities
58 Application Symantec Mail Security 4.0 Build465 Microsoft Exchange Details Vulnerabilities
59 Application Symantec Mail Security 4.0 Build736 Microsoft Exchange Details Vulnerabilities
60 Application Symantec Mail Security 4.0 Domino Details Vulnerabilities
61 Application Symantec Mail Security 4.0 Build741 Microsoft Exchange Details Vulnerabilities
62 Application Symantec Mail Security 4.0 Microsoft Exchange Details Vulnerabilities
63 Application Symantec Mail Security 4.0 Build743 Microsoft Exchange Details Vulnerabilities
64 Application Symantec Mail Security 4.0 Build456 Microsoft Exchange Details Vulnerabilities
65 Application Symantec Mail Security 4.0 Build463 Microsoft Exchange Details Vulnerabilities
66 Application Symantec Mail Security 4.0.1 Domino Details Vulnerabilities
67 Application Symantec Mail Security 4.1 Build461 Microsoft Exchange Details Vulnerabilities
68 Application Symantec Mail Security 4.1 Build458 Microsoft Exchange Details Vulnerabilities
69 Application Symantec Mail Security 4.1 Build459 Microsoft Exchange Details Vulnerabilities
70 Application Symantec Mail Security 4.5 Build 741 Exchange Details Vulnerabilities
71 Application Symantec Mail Security 4.5 Microsoft Exchange Details Vulnerabilities
72 Application Symantec Mail Security 4.5 Build 719 Exchange Details Vulnerabilities
73 Application Symantec Mail Security 4.5 Build 736 Exchange Details Vulnerabilities
74 Application Symantec Mail Security 4.5.4.743 Microsoft Exchange Details Vulnerabilities
75 Application Symantec Mail Security 4.6 Build 97 Exchange Details Vulnerabilities
76 Application Symantec Mail Security 4.6.1.107 Microsoft Exchange Details Vulnerabilities
77 Application Symantec Mail Security 4.6.3 Microsoft Exchange Details Vulnerabilities
78 Application Symantec Mail Security 5.0 Microsoft Exchange Details Vulnerabilities
79 Application Symantec Mail Security 5.0 Smtp Details Vulnerabilities
80 Application Symantec Mail Security 5.0.0.204 Microsoft Exchange Details Vulnerabilities
81 Application Symantec Mail Security 5.0.1 Smtp Details Vulnerabilities
82 Application Symantec Mail Security 5.1.0 Domino Details Vulnerabilities
83 Application Symantec Mail Security 6.0.0 Microsoft Exchange Details Vulnerabilities
84 Hardware Symantec Mail Security 8820 Appliance Details Vulnerabilities
85 Application Symantec Norton Antivirus Corporate Edition For Linux Details Vulnerabilities
86 Application Symantec Norton Antivirus 9.0 Corporate Edition Details Vulnerabilities
87 Application Symantec Norton Antivirus 9.0 Macintosh Details Vulnerabilities
88 Application Symantec Norton Antivirus 9.0.0 Macintosh Details Vulnerabilities
89 Application Symantec Norton Antivirus 9.0.0.338 Corporate Edition Details Vulnerabilities
90 Application Symantec Norton Antivirus 9.0.1 Macintosh Details Vulnerabilities
91 Application Symantec Norton Antivirus 9.0.1.1.1000 Corporate Edition Details Vulnerabilities
92 Application Symantec Norton Antivirus 9.0.2 Macintosh Details Vulnerabilities
93 Application Symantec Norton Antivirus 9.0.2.1000 Corporate Edition Details Vulnerabilities
94 Application Symantec Norton Antivirus 9.0.3 Macintosh Details Vulnerabilities
95 Application Symantec Norton Antivirus 9.0.3.1000 Corporate Edition Details Vulnerabilities
96 Application Symantec Norton Antivirus 9.0.4 Corporate Edition Details Vulnerabilities
97 Application Symantec Norton Antivirus 9.0.4 Mr4 Build 1000 Corporate Edition Details Vulnerabilities
98 Application Symantec Norton Antivirus 9.0.5 Corporate Edition Details Vulnerabilities
99 Application Symantec Norton Antivirus 9.0.5.1100 Corporate Edition Details Vulnerabilities
100 Application Symantec Norton Antivirus 9.0.6.1000 Corporate Edition Details Vulnerabilities
101 Application Symantec Norton Antivirus 10.0 Corporate Edition Details Vulnerabilities
102 Application Symantec Norton Antivirus 10.0 Macintosh Details Vulnerabilities
103 Application Symantec Norton Antivirus 10.0.0 Macintosh Details Vulnerabilities
104 Application Symantec Norton Antivirus 10.0.0.359 Corporate Edition Details Vulnerabilities
105 Application Symantec Norton Antivirus 10.0.1 Macintosh Details Vulnerabilities
106 Application Symantec Norton Antivirus 10.0.1.1000 Corporate Edition Details Vulnerabilities
107 Application Symantec Norton Antivirus 10.0.1.1007 Corporate Edition Details Vulnerabilities
108 Application Symantec Norton Antivirus 10.0.1.1008 Corporate Edition Details Vulnerabilities
109 Application Symantec Norton Antivirus 10.0.2.2000 Corporate Edition Details Vulnerabilities
110 Application Symantec Norton Antivirus 10.0.2.2001 Corporate Edition Details Vulnerabilities
111 Application Symantec Norton Antivirus 10.0.2.2002 Corporate Edition Details Vulnerabilities
112 Application Symantec Norton Antivirus 10.0.2.2010 Corporate Edition Details Vulnerabilities
113 Application Symantec Norton Antivirus 10.0.2.2011 Corporate Edition Details Vulnerabilities
114 Application Symantec Norton Antivirus 10.0.2.2020 Corporate Edition Details Vulnerabilities
115 Application Symantec Norton Antivirus 10.0.2.2021 Corporate Edition Details Vulnerabilities
116 Application Symantec Norton Antivirus 10.1 Corporate Edition Details Vulnerabilities
117 Application Symantec Norton Antivirus 10.1.4 Corporate Edition Details Vulnerabilities
118 Application Symantec Norton Antivirus 10.1.4 Mr4 Mp1 Build4010 Corporate Edition Details Vulnerabilities
119 Application Symantec Norton Antivirus 10.1.4.4010 Corporate Edition Details Vulnerabilities
120 Application Symantec Norton Antivirus 10.1.394 Corporate Edition Details Vulnerabilities
121 Application Symantec Norton Antivirus 10.1.396 Corporate Edition Details Vulnerabilities
122 Application Symantec Norton Antivirus 10.1.400 Corporate Edition Details Vulnerabilities
123 Application Symantec Norton Antivirus 10.1.401 Corporate Edition Details Vulnerabilities
124 Application Symantec Norton Antivirus 10.9.1 Macintosh Details Vulnerabilities
125 Application Symantec Norton Antivirus 2004 Details Vulnerabilities
126 Application Symantec Norton Antivirus 2004 Professional Details Vulnerabilities
127 Application Symantec Norton Antivirus 2005 Details Vulnerabilities
128 Application Symantec Norton Antivirus 2005 Professional Details Vulnerabilities
129 Application Symantec Norton Antivirus 2005 11.0 Details Vulnerabilities
130 Application Symantec Norton Antivirus 2005 11.0.9 Details Vulnerabilities
131 Application Symantec Norton Antivirus 2006 Details Vulnerabilities
132 Application Symantec Norton Internet Security 3.0 Macintosh Details Vulnerabilities
133 Application Symantec Norton Internet Security 2004 Details Vulnerabilities
134 Application Symantec Norton Internet Security 2004 Professional Details Vulnerabilities
135 Application Symantec Norton Internet Security 2005 Details Vulnerabilities
136 Application Symantec Norton Internet Security 2005 Professional Details Vulnerabilities
137 Application Symantec Norton Internet Security 2005 11.0 Details Vulnerabilities
138 Application Symantec Norton Internet Security 2005 11.0.9 Details Vulnerabilities
139 Application Symantec Norton Internet Security 2005 11.5.6.14 Details Vulnerabilities
140 Application Symantec Norton Internet Security 2006 Details Vulnerabilities
141 Application Symantec Norton Internet Security 2006 Professional Details Vulnerabilities
142 Application Symantec Norton Personal Firewall 2006 Details Vulnerabilities
143 Application Symantec Norton Personal Firewall 2006 9.1.0.33 Details Vulnerabilities
144 Application Symantec Norton Personal Firewall 2006 9.1.1.7 Details Vulnerabilities
145 Application Symantec Norton System Works 3.0 Macintosh Details Vulnerabilities
146 Application Symantec Norton System Works 2004 Details Vulnerabilities
147 Application Symantec Norton System Works 2005 Details Vulnerabilities
148 Application Symantec Norton System Works 2005 Premier Details Vulnerabilities
149 Application Symantec Norton System Works 2005 11.0 Details Vulnerabilities
150 Application Symantec Norton System Works 2005 11.0.9 Details Vulnerabilities
151 Application Symantec Norton System Works 2006 Details Vulnerabilities
152 Application Symantec Symantec Antivirus Filtering +for Domino 3.0.12 Details Vulnerabilities
153 Application Symantec Web Security 2.5 Details Vulnerabilities
154 Application Symantec Web Security 3.0 Details Vulnerabilities
155 Application Symantec Web Security 3.0.1 Details Vulnerabilities
156 Application Symantec Web Security 3.0.1 Build 3.01.70 Details Vulnerabilities
157 Application Symantec Web Security 3.0.1 Build 3.01.72 Details Vulnerabilities
158 Application Symantec Web Security 3.0.1 Build 3.01.74 Details Vulnerabilities
159 Application Symantec Web Security 3.0.1.70 Details Vulnerabilities
160 Application Symantec Web Security 3.0.1.76 Details Vulnerabilities
161 Application Symantec Web Security 3.01.59 Details Vulnerabilities
162 Application Symantec Web Security 3.01.60 Details Vulnerabilities
163 Application Symantec Web Security 3.01.61 Details Vulnerabilities
164 Application Symantec Web Security 3.01.62 Details Vulnerabilities
165 Application Symantec Web Security 3.01.63 Details Vulnerabilities
166 Application Symantec Web Security 3.01.67 Details Vulnerabilities
167 Application Symantec Web Security 3.01.68 Details Vulnerabilities
168 Application Symantec Web Security 5.0 Microsoft Isa 2004 Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Symantec Antivirus Scan Engine 20
Symantec Brightmail Antispam 7
Symantec Client Security 28
Symantec Gateway Security 5000 Series 1
Symantec Gateway Security 5400 1
Symantec Mail Security 26
Symantec Mail Security 8820 Appliance 1
Symantec Norton Antivirus 47
Symantec Norton Internet Security 10
Symantec Norton Personal Firewall 3
Symantec Norton System Works 7
Symantec Symantec Antivirus Filtering +for Domino 1
Symantec Web Security 16

- References For CVE-2007-0447

http://osvdb.org/36118
OSVDB 36118
http://secunia.com/advisories/26053
SECUNIA 26053
http://www.zerodayinitiative.com/advisories/ZDI-07-040.html
http://www.vupen.com/english/advisories/2007/2508
VUPEN ADV-2007-2508
http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html CONFIRM
http://www.securityfocus.com/bid/24282
BID 24282 Symantec AntiVirus Malformed CAB and RAR Compression Remote Vulnerabilities Release Date:2007-07-13

- Metasploit Modules Related To CVE-2007-0447

There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.