Strix
26.1K

CVE-2007-0480

UnknownEPSS 9.23%

Last modified

CVE-2007-0480 is a vulnerability of currently unknown severity. Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.. EPSS estimates a 9.23% chance of exploitation in the next 30 days.

Description

Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.

Metrics

EPSS Probability
9.23%

94.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
CiscoIos Transmission Control Protocol12
CiscoIos Transmission Control Protocol12.0da
CiscoIos Transmission Control Protocol12.0db
CiscoIos Transmission Control Protocol12.0dc
CiscoIos Transmission Control Protocol12.0s
CiscoIos Transmission Control Protocol12.0sc
CiscoIos Transmission Control Protocol12.0sl
CiscoIos Transmission Control Protocol12.0sp
CiscoIos Transmission Control Protocol12.0st
CiscoIos Transmission Control Protocol12.0sx
CiscoIos Transmission Control Protocol12.0sy
CiscoIos Transmission Control Protocol12.0sz
CiscoIos Transmission Control Protocol12.0t
CiscoIos Transmission Control Protocol12.0w
CiscoIos Transmission Control Protocol12.0wc
CiscoIos Transmission Control Protocol12.0wt
CiscoIos Transmission Control Protocol12.0xa
CiscoIos Transmission Control Protocol12.0xb
CiscoIos Transmission Control Protocol12.0xc
CiscoIos Transmission Control Protocol12.0xd
CiscoIos Transmission Control Protocol12.0xe
CiscoIos Transmission Control Protocol12.0xf
CiscoIos Transmission Control Protocol12.0xg
CiscoIos Transmission Control Protocol12.0xh
CiscoIos Transmission Control Protocol12.0xi
CiscoIos Transmission Control Protocol12.0xj
CiscoIos Transmission Control Protocol12.0xk
CiscoIos Transmission Control Protocol12.0xl
CiscoIos Transmission Control Protocol12.0xm
CiscoIos Transmission Control Protocol12.0xq
CiscoIos Transmission Control Protocol12.0xr
CiscoIos Transmission Control Protocol12.0xs
CiscoIos Transmission Control Protocol12.0xv
CiscoIos Transmission Control Protocol12.0xw
CiscoIos Transmission Control Protocol12.1
CiscoIos Transmission Control Protocol12.1aa
CiscoIos Transmission Control Protocol12.1ax
CiscoIos Transmission Control Protocol12.1ay
CiscoIos Transmission Control Protocol12.1az
CiscoIos Transmission Control Protocol12.1cx
CiscoIos Transmission Control Protocol12.1da
CiscoIos Transmission Control Protocol12.1db
CiscoIos Transmission Control Protocol12.1dc
CiscoIos Transmission Control Protocol12.1e
CiscoIos Transmission Control Protocol12.1ea
CiscoIos Transmission Control Protocol12.1eb
CiscoIos Transmission Control Protocol12.1ec
CiscoIos Transmission Control Protocol12.1eo
CiscoIos Transmission Control Protocol12.1eu
CiscoIos Transmission Control Protocol12.1ev

Showing 50 of 253 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-0480?
Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.
How severe is CVE-2007-0480?
Severity scoring for CVE-2007-0480 is pending analysis. The EPSS model estimates a 9.23% probability of exploitation in the next 30 days.
How do I fix CVE-2007-0480?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-0480?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST