Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability

BID:23980

Info

Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability

Bugtraq ID: 23980
Class: Design Error
CVE: CVE-2007-5793
CVE-2007-2688
Remote: Yes
Local: No
Published: May 14 2007 12:00AM
Updated: Jul 05 2016 10:20PM
Credit: Fatih Ozavci and Caglar Cakici of Gamasec Security are credited with the discovery of this vulnerability.
Vulnerable: TippingPoint ZPHA 0
TippingPoint X506 0
TippingPoint X505 0
TippingPoint SMS 0
TippingPoint 600E 0
TippingPoint 5000E 0
TippingPoint 50 0
TippingPoint 2400E 0
TippingPoint 200E 0
TippingPoint 200 0
TippingPoint 1200E 0
Stonesoft StoneGate IPS Sensor and Analyzer 2.0.2
Stonesoft StoneGate IPS Sensor and Analyzer 2.0.1
Stonesoft StoneGate IPS Sensor and Analyzer 2.0
Cisco PIX/ASA 7.2.2
Cisco PIX/ASA 7.0.4 .3
Cisco PIX/ASA 7.0.4
Cisco PIX/ASA 7.0.1 .4
Cisco PIX/ASA 7.0
Cisco PIX/ASA 7.2.(2.8)
Cisco PIX/ASA 7.2.(2.7)
Cisco PIX/ASA 7.2.(2.19)
Cisco PIX/ASA 7.2.(2.17)
Cisco PIX/ASA 7.2.(2.16)
Cisco PIX/ASA 7.2(2.15)
Cisco PIX/ASA 7.2(2.14)
Cisco PIX/ASA 7.2(2.10)
Cisco PIX/ASA 7.2(1)
Cisco PIX/ASA 7.1.(2.49)
Cisco PIX/ASA 7.1.(2.48)
Cisco PIX/ASA 7.1(2.5)
Cisco PIX/ASA 7.1(2)
Cisco PIX/ASA 7.0(5.2)
Cisco PIX/ASA 7.0(5)
Cisco PIX 500 Series Security Appliance 7.1
Cisco PIX 500 Series Security Appliance 7.0
Cisco IOS 12.3 -7-JA2
Cisco IOS 12.4XT
Cisco IOS 12.4XP
Cisco IOS 12.4XJ
Cisco IOS 12.4XG
Cisco IOS 12.4XE
Cisco IOS 12.4XD
Cisco IOS 12.4XC
Cisco IOS 12.4XB
Cisco IOS 12.4XA
Cisco IOS 12.4T
Cisco IOS 12.4SW
Cisco IOS 12.4MR
Cisco IOS 12.4(9)T
Cisco IOS 12.4(8)
Cisco IOS 12.4(7a)
Cisco IOS 12.4(7)
Cisco IOS 12.4(6)T6
Cisco IOS 12.4(6)T1
Cisco IOS 12.4(6)T
Cisco IOS 12.4(5b)
Cisco IOS 12.4(5)
Cisco IOS 12.4(4)T2
Cisco IOS 12.4(4)T
Cisco IOS 12.4(4)MR
Cisco IOS 12.4(3d)
Cisco IOS 12.4(3b)
Cisco IOS 12.4(3a)
Cisco IOS 12.4(3)T2
Cisco IOS 12.4(3)
Cisco IOS 12.4(2)XB2
Cisco IOS 12.4(2)XB
Cisco IOS 12.4(2)XA
Cisco IOS 12.4(2)T4
Cisco IOS 12.4(2)T3
Cisco IOS 12.4(2)T2
Cisco IOS 12.4(2)T1
Cisco IOS 12.4(2)T
Cisco IOS 12.4(2)MR1
Cisco IOS 12.4(2)MR
Cisco IOS 12.4(1c)
Cisco IOS 12.4(1b)
Cisco IOS 12.4(12)
Cisco IOS 12.4(11)T
Cisco IOS 12.4(1)
Cisco IOS 12.4
Cisco IOS 12.3YZ
Cisco IOS 12.3YX
Cisco IOS 12.3YW
Cisco IOS 12.3YU
Cisco IOS 12.3YT
Cisco IOS 12.3YS
Cisco IOS 12.3YR
Cisco IOS 12.3YQ
Cisco IOS 12.3YN
Cisco IOS 12.3YM
Cisco IOS 12.3YL
Cisco IOS 12.3YK
Cisco IOS 12.3YJ
Cisco IOS 12.3YI
Cisco IOS 12.3YH
Cisco IOS 12.3YG
Cisco IOS 12.3YF
Cisco IOS 12.3YE
Cisco IOS 12.3YD
Cisco IOS 12.3YC
Cisco IOS 12.3YB
Cisco IOS 12.3YA
Cisco IOS 12.3XZ
Cisco IOS 12.3XY
Cisco IOS 12.3XX
Cisco IOS 12.3XW
Cisco IOS 12.3XV
Cisco IOS 12.3XU
Cisco IOS 12.3XT
Cisco IOS 12.3XS
Cisco IOS 12.3XR
Cisco IOS 12.3XQ
Cisco IOS 12.3XN
Cisco IOS 12.3XM
Cisco IOS 12.3XL
Cisco IOS 12.3XK
Cisco IOS 12.3XJ
Cisco IOS 12.3XI
Cisco IOS 12.3XH
Cisco IOS 12.3XG
Cisco IOS 12.3XF
Cisco IOS 12.3XE
Cisco IOS 12.3XD
Cisco IOS 12.3XC
Cisco IOS 12.3XB
Cisco IOS 12.3XA
Cisco IOS 12.3TPC
Cisco IOS 12.3T
Cisco IOS 12.3JX
Cisco IOS 12.3JL
Cisco IOS 12.3JK
Cisco IOS 12.3JEB
Cisco IOS 12.3JEA
Cisco IOS 12.3JA
Cisco IOS 12.3BW
Cisco IOS 12.3BC
Cisco IOS 12.3B
Cisco IOS 12.3(9e)
Cisco IOS 12.3(9d)
Cisco IOS 12.3(9c)
Cisco IOS 12.3(9b)
Cisco IOS 12.3(9a)BC7
Cisco IOS 12.3(9a)BC6
Cisco IOS 12.3(9a)BC2
Cisco IOS 12.3(9a)BC
Cisco IOS 12.3(9)T
Cisco IOS 12.3(9)
Cisco IOS 12.3(8)YI3
Cisco IOS 12.3(8)YI1
Cisco IOS 12.3(8)YI
Cisco IOS 12.3(8)YH
Cisco IOS 12.3(8)YG5
Cisco IOS 12.3(8)YG3
Cisco IOS 12.3(8)YG2
Cisco IOS 12.3(8)YG1
Cisco IOS 12.3(8)YG
Cisco IOS 12.3(8)YF
Cisco IOS 12.3(8)YD
Cisco IOS 12.3(8)YA1
Cisco IOS 12.3(8)XY6
Cisco IOS 12.3(8)XY5
Cisco IOS 12.3(8)XY4
Cisco IOS 12.3(8)XU2
Cisco IOS 12.3(8)T9
Cisco IOS 12.3(8)T8
Cisco IOS 12.3(8)T7
Cisco IOS 12.3(8)T4
Cisco IOS 12.3(8)T11
Cisco IOS 12.3(8)T10
Cisco IOS 12.3(8)T
Cisco IOS 12.3(8)JK
Cisco IOS 12.3(8)JA1
Cisco IOS 12.3(8)JA
Cisco IOS 12.3(7.7)
Cisco IOS 12.3(7)XR6
Cisco IOS 12.3(7)XR4
Cisco IOS 12.3(7)XR3
Cisco IOS 12.3(7)XI9
Cisco IOS 12.3(7)XI8a
Cisco IOS 12.3(7)XI7
Cisco IOS 12.3(7)XI4
Cisco IOS 12.3(7)XI3
Cisco IOS 12.3(7)T9
Cisco IOS 12.3(7)T8
Cisco IOS 12.3(7)T4
Cisco IOS 12.3(7)T12
Cisco IOS 12.3(7)T11
Cisco IOS 12.3(7)T10
Cisco IOS 12.3(7)T
Cisco IOS 12.3(7)JX
Cisco IOS 12.3(7)JA1
Cisco IOS 12.3(7)JA
Cisco IOS 12.3(6f)
Cisco IOS 12.3(6e)
Cisco IOS 12.3(6d)
Cisco IOS 12.3(6a)
Cisco IOS 12.3(6)T
Cisco IOS 12.3(6)
Cisco IOS 12.3(5f)
Cisco IOS 12.3(5e)
Cisco IOS 12.3(5c)
Cisco IOS 12.3(5b)
Cisco IOS 12.3(5a)B5
Cisco IOS 12.3(5a)B2
Cisco IOS 12.3(5a)b
Cisco IOS 12.3(5a)
Cisco IOS 12.3(5)T
Cisco IOS 12.3(5)B1
Cisco IOS 12.3(5)
Cisco IOS 12.3(4)XQ1
Cisco IOS 12.3(4)XQ
Cisco IOS 12.3(4)XK4
Cisco IOS 12.3(4)XK3
Cisco IOS 12.3(4)XK1
Cisco IOS 12.3(4)XK
Cisco IOS 12.3(4)XH
Cisco IOS 12.3(4)XG5
Cisco IOS 12.3(4)XG4
Cisco IOS 12.3(4)XG2
Cisco IOS 12.3(4)XG1
Cisco IOS 12.3(4)XE4
Cisco IOS 12.3(4)XD2
Cisco IOS 12.3(4)XD1
Cisco IOS 12.3(4)XD
Cisco IOS 12.3(4)TPC11a
Cisco IOS 12.3(4)T8
Cisco IOS 12.3(4)T4
Cisco IOS 12.3(4)T3
Cisco IOS 12.3(4)T2
Cisco IOS 12.3(4)T13
Cisco IOS 12.3(4)T1
Cisco IOS 12.3(4)T
Cisco IOS 12.3(4)JA1
Cisco IOS 12.3(4)JA
Cisco IOS 12.3(4)EO1
Cisco IOS 12.3(3i)
Cisco IOS 12.3(3h)
Cisco IOS 12.3(3e)
Cisco IOS 12.3(3a)
Cisco IOS 12.3(3)T
Cisco IOS 12.3(21)
Cisco IOS 12.3(20)
Cisco IOS 12.3(2)XE4
Cisco IOS 12.3(2)XE3
Cisco IOS 12.3(2)XC4
Cisco IOS 12.3(2)XC3
Cisco IOS 12.3(2)XC2
Cisco IOS 12.3(2)XC1
Cisco IOS 12.3(2)XA5
Cisco IOS 12.3(2)XA4
Cisco IOS 12.3(2)T8
Cisco IOS 12.3(2)T3
Cisco IOS 12.3(2)T
Cisco IOS 12.3(2)JL
Cisco IOS 12.3(2)JK1
Cisco IOS 12.3(2)JK
Cisco IOS 12.3(2)JA5
Cisco IOS 12.3(2)JA
Cisco IOS 12.3(1a)
Cisco IOS 12.3(18)
Cisco IOS 12.3(17b)BC3
Cisco IOS 12.3(16)
Cisco IOS 12.3(15b)
Cisco IOS 12.3(15a)
Cisco IOS 12.3(15)
Cisco IOS 12.3(14)YX2
Cisco IOS 12.3(14)YX
Cisco IOS 12.3(14)YU1
Cisco IOS 12.3(14)YU
Cisco IOS 12.3(14)YT1
Cisco IOS 12.3(14)YT
Cisco IOS 12.3(14)YQ8
Cisco IOS 12.3(14)YQ4
Cisco IOS 12.3(14)YQ3
Cisco IOS 12.3(14)YQ1
Cisco IOS 12.3(14)YQ
Cisco IOS 12.3(14)YM8
Cisco IOS 12.3(14)YM4
Cisco IOS 12.3(14)YG5
Cisco IOS 12.3(14)T9
Cisco IOS 12.3(14)T8
Cisco IOS 12.3(14)T7
Cisco IOS 12.3(14)T5
Cisco IOS 12.3(14)T4
Cisco IOS 12.3(14)T2
Cisco IOS 12.3(14)T
Cisco IOS 12.3(13b)
Cisco IOS 12.3(13a)BC1
Cisco IOS 12.3(13a)BC
Cisco IOS 12.3(13a)
Cisco IOS 12.3(13)T
Cisco IOS 12.3(13)
Cisco IOS 12.3(12e)
Cisco IOS 12.3(12d)
Cisco IOS 12.3(12b)
Cisco IOS 12.3(12a)
Cisco IOS 12.3(12)T
Cisco IOS 12.3(12)
Cisco IOS 12.3(11r)T2
Cisco IOS 12.3(11)YZ1
Cisco IOS 12.3(11)YW
Cisco IOS 12.3(11)YS1
Cisco IOS 12.3(11)YS
Cisco IOS 12.3(11)YR
Cisco IOS 12.3(11)YN
Cisco IOS 12.3(11)YL
Cisco IOS 12.3(11)YK2
Cisco IOS 12.3(11)YK1
Cisco IOS 12.3(11)YK
Cisco IOS 12.3(11)YJ
Cisco IOS 12.3(11)YF4
Cisco IOS 12.3(11)YF3
Cisco IOS 12.3(11)YF2
Cisco IOS 12.3(11)YF
Cisco IOS 12.3(11)XL3
Cisco IOS 12.3(11)XL
Cisco IOS 12.3(11)T8
Cisco IOS 12.3(11)T6
Cisco IOS 12.3(11)T5
Cisco IOS 12.3(11)T4
Cisco IOS 12.3(11)T2
Cisco IOS 12.3(11)T10
Cisco IOS 12.3(11)T
Cisco IOS 12.3(11)
Cisco IOS 12.3(10e)
Cisco IOS 12.3(10d)
Cisco IOS 12.3(10c)
Cisco IOS 12.3(10)T
Cisco IOS 12.3(10)a
Cisco IOS 12.3(10)
Cisco IOS 12.3(1)T
Cisco IOS 12.3
Cisco Intrustion Prevention software 5.1(1a)
Cisco Intrusion Prevention System 5.0 (3)
Cisco Intrusion Prevention System 5.0 (2)
Cisco Intrusion Prevention System 5.0 (1)
Cisco Intrusion Prevention System 5.1(p1)
Cisco Intrusion Prevention System 5.1(2)
Cisco Intrusion Prevention System 5.1(1e)
Cisco Intrusion Prevention System 5.1(1d)
Cisco Intrusion Prevention System 5.1(1c)
Cisco Intrusion Prevention System 5.1(1b)
Cisco Intrusion Prevention System 5.1(1)
Cisco Intrusion Prevention System 5.0(6p2)
Cisco Intrusion Prevention System 5.0(6p1)
Cisco Intrusion Prevention System 4.x
Not Vulnerable: Stonesoft StoneGate IPS 4.1
Stonesoft StoneGate IPS 4.0

Discussion

Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability

Multiple products are reportedly prone to a vulnerability that may allow malicious HTTP traffic to bypass detection.

Attackers may send this type of HTTP data to evade detection and perform further attacks.

Cisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID's list of vulnerable systems appropriately.

Exploit / POC

Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Multiple Products Full/Half Width Unicode Detection Evasion Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report