CVE-2007-0918

Name: CVE-2007-0918
Creator: NVD / NIST
Published: 2007-02-14T02:28:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.11%

Last modified Jun 16, 2026

CVE-2007-0918 is a vulnerability of currently unknown severity. The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.. EPSS estimates a 3.11% chance of exploitation in the next 30 days.

Description

The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

Metrics

EPSS Probability

3.11%

86.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Cisco	Ios	12.3t
Cisco	Ios	12.3xq
Cisco	Ios	12.3xr
Cisco	Ios	12.3xs
Cisco	Ios	12.3xw
Cisco	Ios	12.3xx
Cisco	Ios	12.3xy
Cisco	Ios	12.3ya
Cisco	Ios	12.3yd
Cisco	Ios	12.3yg
Cisco	Ios	12.3yh
Cisco	Ios	12.3yi
Cisco	Ios	12.3yj
Cisco	Ios	12.3yk
Cisco	Ios	12.3ym
Cisco	Ios	12.3yq
Cisco	Ios	12.3ys
Cisco	Ios	12.3yt
Cisco	Ios	12.3yx
Cisco	Ios	12.3yz
Cisco	Ios	12.4
Cisco	Ios	12.4mr
Cisco	Ios	12.4t
Cisco	Ios	12.4xa
Cisco	Ios	12.4xb

References

http://osvdb.org/33053Broken Link
http://secunia.com/advisories/24142Third Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtmlVendor Advisory
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.htmlVendor Advisory
http://www.securityfocus.com/bid/22549Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1017631Broken Link, Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2007/0597Permissions Required, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32474Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5832Broken Link
http://osvdb.org/33053Broken Link
http://secunia.com/advisories/24142Third Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtmlVendor Advisory
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.htmlVendor Advisory
http://www.securityfocus.com/bid/22549Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1017631Broken Link, Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2007/0597Permissions Required, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32474Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5832Broken Link

Timeline

Published: Feb 14, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-0918?

How severe is CVE-2007-0918?

Severity scoring for CVE-2007-0918 is pending analysis. The EPSS model estimates a 3.11% probability of exploitation in the next 30 days.

How do I fix CVE-2007-0918?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-0918?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST