CVE-2007-4285

critical

Description

Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5840

https://exchange.xforce.ibmcloud.com/vulnerabilities/35906

http://www.vupen.com/english/advisories/2007/2819

http://www.securitytracker.com/id?1018542

http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml

http://secunia.com/advisories/26359

Details

Source: Mitre, NVD

Published: 2007-08-09

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical