Lucene search

K
cve[email protected]CVE-2005-2758
HistoryOct 05, 2005 - 7:02 p.m.

CVE-2005-2758

2005-10-0519:02:00
NVD-CWE-Other
web.nvd.nist.gov
27
symantec
antivirus
scan engine
cve-2005-2758
remote code execution
http headers
security vulnerability

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.4%

Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.4%

Related for CVE-2005-2758