Lucene search

[email protected]CVE-2005-0729

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0729

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

format string

vulnerability

xpand rally

code execution

remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.0%

JSON

Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message.

Affected configurations

NVD

Node

techlandxpand_rallyMatch1.0

techlandxpand_rallyMatch1.1

CPENameOperatorVersion
techland:xpand_rallytechland xpand rallyeq1.0
techland:xpand_rallytechland xpand rallyeq1.1

CPE	Name	Operator	Version
techland:xpand_rally	techland xpand rally	eq	1.0
techland:xpand_rally	techland xpand rally	eq	1.1

References

aluigi.altervista.org/adv/xprallyfs-adv.txt

secunia.com/advisories/14545

www.securiteam.com/windowsntfocus/5DP0G00F5Q.html

exchange.xforce.ibmcloud.com/vulnerabilities/19649

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.0%

JSON

Related for CVE-2005-0729

cvelist1 nvd1 kaspersky1