Unrated severityNVD Advisory· Published Jul 11, 2007· Updated Apr 23, 2026
CVE-2007-3701
CVE-2007-3701
Description
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.
Affected products
13cpe:2.3:a:tippingpoint:tipping_point:1200:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:tippingpoint:tipping_point:1200:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:1200e:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:200:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:200e:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:2400e:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:400:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:50:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:5000e:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:600e:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:sms:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:x505:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:x506:*:*:*:*:*:*:*
- cpe:2.3:a:tippingpoint:tipping_point:zpha:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.3com.com/securityalert/alerts/3COM-07-003.htmlnvdPatchVendor Advisory
- security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdfnvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/24855nvdExploit
- lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.htmlnvd
- osvdb.org/35970nvd
- secunia.com/advisories/26013nvd
- www.securityfocus.com/archive/1/473311/100/0/threadednvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/2490nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/35336nvd
News mentions
0No linked articles in our index yet.