Lucene search

[email protected]CVE-2004-2160

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2160

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2160

format string vulnerability

xmlstarlet

command line

xml toolkit

denial of service

arbitrary code

nvd

7.7 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

44.6%

JSON

Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.

CPENameOperatorVersion
xmlstarlet:command_line_xml_toolkitxmlstarlet command line xml toolkiteq0.9.3

CPE	Name	Operator	Version
xmlstarlet:command_line_xml_toolkit	xmlstarlet command line xml toolkit	eq	0.9.3

References

cvs.sourceforge.net/viewcvs.py/xmlstar/xmlstarlet/src/xml_elem.c?r1=1.17&r2=1.18

sourceforge.net/project/shownotes.php?release_id=268962

7.7 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

44.6%

JSON

Related for CVE-2004-2160

debiancve1 cvelist1