Lucene search

[email protected]CVE-2004-0309

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0309

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

buffer overflow

zonealarm

smtp

vsmon.exe

security vulnerability

cve-2004-0309

8.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.11 Low

EPSS

Percentile

95.0%

JSON

Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument.

CPENameOperatorVersion
zonelabs:zonealarmzonelabs zonealarmeq4.0
zonelabs:integrityzonelabs integrityeq4.0
zonelabs:zonealarmzonelabs zonealarmeq4.5

CPE	Name	Operator	Version
zonelabs:zonealarm	zonelabs zonealarm	eq	4.0
zonelabs:integrity	zonelabs integrity	eq	4.0
zonelabs:zonealarm	zonelabs zonealarm	eq	4.5

References

download.zonelabs.com/bin/free/securityAlert/8.html

marc.info/?l=bugtraq&m=107722656827427&w=2

www.ciac.org/ciac/bulletins/o-084.shtml

www.kb.cert.org/vuls/id/619982

www.osvdb.org/3991

www.securityfocus.com/bid/9696

exchange.xforce.ibmcloud.com/vulnerabilities/14991

8.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.11 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2004-0309

checkpoint_advisories1