Lucene search

[email protected]CVE-2005-2772

HistorySep 02, 2005 - 11:03 p.m.

CVE-2005-2772

2005-09-0223:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2772

buffer overflow

code execution

university of minnesota

gopher client

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.7%

JSON

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long “+VIEWS:” reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.

CPENameOperatorVersion
university_of_minnesota:gopheruniversity of minnesota gophereq3.0.9

CPE	Name	Operator	Version
university_of_minnesota:gopher	university of minnesota gopher	eq	3.0.9

References

marc.info/?l=bugtraq&m=112559902931614&w=2

secunia.com/advisories/16614/

secunia.com/advisories/17016

www.debian.org/security/2005/dsa-832

www.kb.cert.org/vuls/id/619812

www.securityfocus.com/bid/14693

exchange.xforce.ibmcloud.com/vulnerabilities/22053

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.7%

JSON

Related for CVE-2005-2772

openvas2 debian2 securityvulns1 cvelist1 ubuntucve1 nessus1 debiancve1