Vulnerability Details : CVE-2013-7001
The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway before 2013.11.15 allows remote attackers to cause a denial of service via a malformed MM1 message that is routed to a (1) MM4 or (2) MM7 connection.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2013-7001
- cpe:2.3:a:nowsms:now_sms_\&_mms_gateway:*:*:*:*:*:*:*:*
- cpe:2.3:a:nowsms:now_sms_\&_mms_gateway:2013.09.26:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-7001
0.58%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-7001
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2013-7001
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7001
-
http://www.securityfocus.com/bid/63879
Now SMS & MMS Gateway Message Processing Multiple Denial of Service Vulnerabilities
-
http://www.nowsms.com/nowsms20131115
NowSMS / NowMMS Update 2013.11.15 | NowSMSVendor Advisory
Jump to