sourcefire 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには バッファオーバーフロー、vendor risk denial of service, and vendor risk integer handling があり、vendor surface software deployment and vendor surface production workloads の利用場面で アプリケーションクラッシュ などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2010-2306 | The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack. | [email protected] | 4.3 | 1.46% | 2010-06-16 | 2026-04-29 |
| CVE-2009-2344 | The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components. | [email protected] | 9.0 | 9.25% | 2009-07-07 | 2026-04-23 |
| CVE-2006-5276 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. | [email protected] | 10.0 | 79.32% | 2007-02-20 | 2026-04-23 |
| CVE-2006-2769 | The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration. | [email protected] | 5.0 | 10.62% | 2006-06-02 | 2026-04-16 |
| CVE-2006-0839 | The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. | [email protected] | 5.0 | 1.38% | 2006-02-22 | 2026-04-16 |
| CVE-2005-3252 | Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet. | [email protected] | 7.5 | 83.90% | 2005-10-18 | 2026-04-16 |
| CVE-2004-2652 | The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference. | [email protected] | 7.8 | 11.19% | 2004-12-31 | 2026-04-16 |
| CVE-2003-0209 | Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow. | [email protected] | 10.0 | 38.03% | 2003-05-05 | 2026-04-16 |