CVE-2007-1685

Bluecoat K9 Web Protection - Buffer Overflow

Title source: rule

Description

Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dennis Rand · htmldosmultiple

https://www.exploit-db.com/exploits/30163

View Code ZIP pw:eip

References (11)

[Various Sources] http://www.csis.dk/dk/forside/Bluecoat-k9.pdf

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018210

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/470836/100/0/threaded

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/2104

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34773

[Third Party Advisory, VDB Entry] http://osvdb.org/37186

[US Government Resource] http://www.kb.cert.org/vuls/id/271601

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24373

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063848.html

[Third Party Advisory] http://secunia.com/advisories/25593

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0190.html

Scores

EPSS 0.4988

EPSS Percentile 97.8%

Details

Status published

Products (1)

bluecoat/k9_web_protection 3.2.36

Published Jun 08, 2007

Tracked Since Feb 18, 2026