Unrated severityNVD Advisory· Published Apr 22, 2007· Updated Apr 23, 2026

CVE-2007-2137

Description

Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as used in Tivoli Universal Agent, Windows OS Monitoring agent, and Enterprise Portal Server, allows remote attackers to execute arbitrary code by sending a long string to a certain TCP port.

Affected products

IBM/Tivoli Monitoring Express
cpe:2.3:a:ibm:tivoli_monitoring_express:6.1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-1.ibm.com/support/docview.wssnvdPatch
www.securityfocus.com/bid/23558nvdPatch
www.zerodayinitiative.com/advisories/ZDI-07-018.htmlnvdVendor Advisory
secunia.com/advisories/24938nvd
securityreason.com/securityalert/2597nvd
www.securityfocus.com/archive/1/466216/100/0/threadednvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/1456nvd
exchange.xforce.ibmcloud.com/vulnerabilities/33746nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.023
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000