Lucene search

MitreCVE-2004-0227

HistoryJun 14, 2004 - 4:00 a.m.

CVE-2004-0227

2004-06-1404:00:00

mitre

web.nvd.nist.gov

cve-2004-0227

buffer overflow

zoneminder

remote code execution

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.035

Percentile

91.6%

JSON

Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string.

Affected configurations

Nvd

Node

triorniszoneminderMatch1.17.0

triorniszoneminderMatch1.17.1

triorniszoneminderMatch1.17.2

triorniszoneminderMatch1.18.0

triorniszoneminderMatch1.18.1

triorniszoneminderMatch1.19.0

triorniszoneminderMatch1.19.1

VendorProductVersionCPE
triorniszoneminder1.17.0cpe:2.3:a:triornis:zoneminder:1.17.0:*:*:*:*:*:*:*
triorniszoneminder1.17.1cpe:2.3:a:triornis:zoneminder:1.17.1:*:*:*:*:*:*:*
triorniszoneminder1.17.2cpe:2.3:a:triornis:zoneminder:1.17.2:*:*:*:*:*:*:*
triorniszoneminder1.18.0cpe:2.3:a:triornis:zoneminder:1.18.0:*:*:*:*:*:*:*
triorniszoneminder1.18.1cpe:2.3:a:triornis:zoneminder:1.18.1:*:*:*:*:*:*:*
triorniszoneminder1.19.0cpe:2.3:a:triornis:zoneminder:1.19.0:*:*:*:*:*:*:*
triorniszoneminder1.19.1cpe:2.3:a:triornis:zoneminder:1.19.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
triornis	zoneminder	1.17.0	cpe:2.3:a:triornis:zoneminder:1.17.0:::::::*
triornis	zoneminder	1.17.1	cpe:2.3:a:triornis:zoneminder:1.17.1:::::::*
triornis	zoneminder	1.17.2	cpe:2.3:a:triornis:zoneminder:1.17.2:::::::*
triornis	zoneminder	1.18.0	cpe:2.3:a:triornis:zoneminder:1.18.0:::::::*
triornis	zoneminder	1.18.1	cpe:2.3:a:triornis:zoneminder:1.18.1:::::::*
triornis	zoneminder	1.19.0	cpe:2.3:a:triornis:zoneminder:1.19.0:::::::*
triornis	zoneminder	1.19.1	cpe:2.3:a:triornis:zoneminder:1.19.1:::::::*

References

www.securityfocus.com/bid/10340

www.zoneminder.com/index.php?id=20&type=0&backPID=20&tt_news=29

exchange.xforce.ibmcloud.com/vulnerabilities/16136

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.035

Percentile

91.6%

JSON

Related for CVE-2004-0227