Lucene search

MitreCVE-2005-1301

HistoryApr 26, 2005 - 4:00 a.m.

CVE-2005-1301

2005-04-2604:00:00

mitre

web.nvd.nist.gov

cve-2005-1301

nprotect

netizen

update

verification

vulnerability

nvd

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

50.8%

JSON

nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an authorized site, which allows remote malicious web sites to write arbitrary files.

Affected configurations

Nvd

Node

nprotectnetizenMatch2005.3.17.1

VendorProductVersionCPE
nprotectnetizen2005.3.17.1cpe:2.3:a:nprotect:netizen:2005.3.17.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nprotect	netizen	2005.3.17.1	cpe:2.3:a:nprotect:netizen:2005.3.17.1:::::::*

References

jvn.jp/jp/JVN%23AF02FB4B/index.html

marc.info/?l=bugtraq&m=111444390329376&w=2

secunia.com/advisories/15101

www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html

www.osvdb.org/15788

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

50.8%

JSON

Related for CVE-2005-1301