Unrated severityNVD Advisory· Published Oct 31, 2007· Updated Apr 23, 2026

CVE-2007-2957

Description

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow.

Affected products

McAfee/E Business Server4 versions
cpe:2.3:a:mcafee:e-business_server:*:*:aix:*:*:*:*:*+ 3 more
- cpe:2.3:a:mcafee:e-business_server:*:*:aix:*:*:*:*:*range: <=8.1.1
- cpe:2.3:a:mcafee:e-business_server:*:*:hpux:*:*:*:*:*range: <=8.1.1
- cpe:2.3:a:mcafee:e-business_server:*:*:linux:*:*:*:*:*range: <=8.1.1
- cpe:2.3:a:mcafee:e-business_server:*:*:solaris:*:*:*:*:*range: <=8.5.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

knowledge.mcafee.com/SupportSite/dynamickc.donvdPatch
secunia.com/advisories/26372nvdVendor Advisory
secunia.com/secunia_research/2007-69/advisory/nvdVendor Advisory
securitytracker.com/idnvd
www.securityfocus.com/bid/26269nvd
www.vupen.com/english/advisories/2007/3663nvd
exchange.xforce.ibmcloud.com/vulnerabilities/38175nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000