Lucene search

[email protected]CVE-2004-0262

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0262

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

buffer overflow

stack-based

security vulnerability

the palace 3.5

nvd

8.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.051 Low

EPSS

Percentile

92.8%

JSON

Stack-based buffer overflow in The Palace 3.5 and earlier client allows remote attackers to execute arbitrary code via a link to a palace:// url followed by a long server address string.

CPENameOperatorVersion
the_palace:the_palace_clientthe palace the palace clienteq3.5

CPE	Name	Operator	Version
the_palace:the_palace_client	the palace the palace client	eq	3.5

References

archives.neohapsis.com/archives/vulnwatch/2004-q1/0033.html

marc.info/?l=bugtraq&m=107634556632195&w=2

www.elitehaven.net/thepalace.txt

www.securityfocus.com/bid/9602

exchange.xforce.ibmcloud.com/vulnerabilities/15074

8.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.051 Low

EPSS

Percentile

92.8%

JSON