CVE-2007-4991

CVE Database · CVE-2007-4991

CVE-2007-4991

· N/AModified

CVSS v3.1

N/A

EPSS

16.15%

Published

Sep 21, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet.

Weaknesses (CWE)

CWE-200

Affected Products (2)

microsoft · isa_servervulnerable

References (10)

http://osvdb.org/45906

http://www.securityfocus.com/bid/25753

Patch

http://www.securitytracker.com/id?1018727

http://www.zerodayinitiative.com/advisories/ZDI-07-053.html

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/36715