Vulnerability Report

CVE-2007-2417

RCE

Title: Rsa Ace Server RCE

RCE

Proof Of Concept

No public PoC currently indexed for CVE-2007-2417.

CWE Category NVD-CWE-noinfo
Published Date Jul 15, 2007
Modified Date Apr 09, 2025
Exploit Status Not Found
Score 10.0 CVSS v2.0
Exploit Probability (EPSS)
2.04%

Vulnerability Summary

CVE-2007-2417: Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.

Impacted Vendors

R
rsa 2
P
progress 2

Reference Links

http://dvlabs.tippingpoint.com/advisory/TPTI-07-12 http://osvdb.org/37934 http://secunia.com/advisories/26058 http://secunia.com/advisories/26067 http://www.securityfocus.com/archive/1/473623/100/0/threaded http://www.securityfocus.com/bid/24675 http://www.securitytracker.com/id?1018389 http://www.vupen.com/english/advisories/2007/2530 http://www.vupen.com/english/advisories/2007/2531 https://exchange.xforce.ibmcloud.com/vulnerabilities/35385 http://dvlabs.tippingpoint.com/advisory/TPTI-07-12 http://osvdb.org/37934 http://secunia.com/advisories/26058 http://secunia.com/advisories/26067 http://www.securityfocus.com/archive/1/473623/100/0/threaded http://www.securityfocus.com/bid/24675 http://www.securitytracker.com/id?1018389 http://www.vupen.com/english/advisories/2007/2530 http://www.vupen.com/english/advisories/2007/2531 https://exchange.xforce.ibmcloud.com/vulnerabilities/35385
CVSS v2.0
Source Entity [email protected]
Severity HIGH
10.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2007-2417 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.