{"api_version":"1","generated_at":"2026-05-30T10:11:45+00:00","cve":"CVE-2007-1173","urls":{"html":"https://cve.report/CVE-2007-1173","api":"https://cve.report/api/cve/CVE-2007-1173.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-1173","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-1173"},"summary":{"title":"CVE-2007-1173","description":"Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet.","state":"PUBLISHED","assigner":"flexera","published_at":"2007-05-16 22:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34313","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34313","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/35076","name":"http://osvdb.org/35076","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/1834","name":"http://www.vupen.com/english/advisories/2007/1834","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/24281","name":"http://secunia.com/advisories/24281","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Symantec Discovery XferWan.exe Packet Parsing Buffer Overflows - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/secunia_research/2007-41/advisory/","name":"http://secunia.com/secunia_research/2007-41/advisory/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Centennial Discovery XferWan.exe Packet Parsing Buffer Overflows - Secunia Research - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018072","name":"http://www.securitytracker.com/id?1018072","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Discovery Buffer Overflows Let Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/24090","name":"http://secunia.com/advisories/24090","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Centennial Discovery XferWan.exe Packet Parsing Buffer Overflows - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/secunia_research/2007-43/advisory/","name":"http://secunia.com/secunia_research/2007-43/advisory/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Numara Asset Manager XferWan.exe Packet Parsing Buffer Overflows - Secunia Research - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/24329","name":"http://secunia.com/advisories/24329","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Numara Asset Manager XferWan.exe Packet Parsing Buffer Overflows - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/24002","name":"http://www.securityfocus.com/bid/24002","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Multiple Vendor XFERWAN.EXE Remote Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/1833","name":"http://www.vupen.com/english/advisories/2007/1833","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/secunia_research/2007-42/advisory/","name":"http://secunia.com/secunia_research/2007-42/advisory/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Symantec Discovery XferWan.exe Packet Parsing Buffer Overflows - Secunia Research - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/1832","name":"http://www.vupen.com/english/advisories/2007/1832","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-1173","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1173","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"1173","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"centennial","cpe5":"discovery","cpe6":"2006_featurepack1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1173","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"numara","cpe5":"asset_manager","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1173","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"discovery","cpe6":"6.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T12:43:22.564Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://secunia.com/secunia_research/2007-41/advisory/"},{"name":"ADV-2007-1834","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/1834"},{"name":"24002","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/24002"},{"name":"ADV-2007-1833","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/1833"},{"name":"1018072","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018072"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://secunia.com/secunia_research/2007-42/advisory/"},{"name":"ADV-2007-1832","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/1832"},{"name":"xferwan-tcp-bo(34313)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34313"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://secunia.com/secunia_research/2007-43/advisory/"},{"name":"24090","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24090"},{"name":"24329","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24329"},{"name":"35076","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/35076"},{"name":"24281","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/24281"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-05-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","shortName":"flexera"},"references":[{"tags":["x_refsource_MISC"],"url":"http://secunia.com/secunia_research/2007-41/advisory/"},{"name":"ADV-2007-1834","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/1834"},{"name":"24002","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/24002"},{"name":"ADV-2007-1833","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/1833"},{"name":"1018072","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018072"},{"tags":["x_refsource_MISC"],"url":"http://secunia.com/secunia_research/2007-42/advisory/"},{"name":"ADV-2007-1832","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/1832"},{"name":"xferwan-tcp-bo(34313)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34313"},{"tags":["x_refsource_MISC"],"url":"http://secunia.com/secunia_research/2007-43/advisory/"},{"name":"24090","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24090"},{"name":"24329","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24329"},{"name":"35076","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/35076"},{"name":"24281","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/24281"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2007-1173","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://secunia.com/secunia_research/2007-41/advisory/","refsource":"MISC","url":"http://secunia.com/secunia_research/2007-41/advisory/"},{"name":"ADV-2007-1834","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1834"},{"name":"24002","refsource":"BID","url":"http://www.securityfocus.com/bid/24002"},{"name":"ADV-2007-1833","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1833"},{"name":"1018072","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018072"},{"name":"http://secunia.com/secunia_research/2007-42/advisory/","refsource":"MISC","url":"http://secunia.com/secunia_research/2007-42/advisory/"},{"name":"ADV-2007-1832","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1832"},{"name":"xferwan-tcp-bo(34313)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34313"},{"name":"http://secunia.com/secunia_research/2007-43/advisory/","refsource":"MISC","url":"http://secunia.com/secunia_research/2007-43/advisory/"},{"name":"24090","refsource":"SECUNIA","url":"http://secunia.com/advisories/24090"},{"name":"24329","refsource":"SECUNIA","url":"http://secunia.com/advisories/24329"},{"name":"35076","refsource":"OSVDB","url":"http://osvdb.org/35076"},{"name":"24281","refsource":"SECUNIA","url":"http://secunia.com/advisories/24281"}]}}}},"cveMetadata":{"assignerOrgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","assignerShortName":"flexera","cveId":"CVE-2007-1173","datePublished":"2007-05-16T22:00:00.000Z","dateReserved":"2007-02-28T00:00:00.000Z","dateUpdated":"2024-08-07T12:43:22.564Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-05-16 22:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:centennial:discovery:2006_featurepack1:*:*:*:*:*:*:*","matchCriteriaId":"E9336740-2AB3-4189-8EDE-3D12A3AFDB57"},{"vulnerable":true,"criteria":"cpe:2.3:a:numara:asset_manager:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F8AE39DA-388A-414F-B58A-B7B0E9B4FC12"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:discovery:6.5:*:*:*:*:*:*:*","matchCriteriaId":"8679A66E-0AEB-42E3-938D-E7AEC74A6C62"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"1173","Ordinal":"1","Title":"CVE-2007-1173","CVE":"CVE-2007-1173","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"1173","Ordinal":"1","NoteData":"Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet.","Type":"Description","Title":"CVE-2007-1173"},{"CveYear":"2007","CveId":"1173","Ordinal":"2","NoteData":"2007-05-16","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"1173","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}