Lucene search

[email protected]CVE-2005-3154

HistoryOct 05, 2005 - 11:02 p.m.

CVE-2005-3154

2005-10-0523:02:00

CWE-134

[email protected]

web.nvd.nist.gov

cve-2005-3154

format string vulnerability

bitdefender antivirus

denial of service

arbitrary code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.125 Low

EPSS

Percentile

95.5%

JSON

Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name.

Affected configurations

NVD

Node

softwinbitdefenderMatch7.2

softwinbitdefenderMatch8.0

softwinbitdefenderMatch9.0

CPENameOperatorVersion
softwin:bitdefendersoftwin bitdefendereq7.2
softwin:bitdefendersoftwin bitdefendereq8.0
softwin:bitdefendersoftwin bitdefendereq9.0

CPE	Name	Operator	Version
softwin:bitdefender	softwin bitdefender	eq	7.2
softwin:bitdefender	softwin bitdefender	eq	8.0
softwin:bitdefender	softwin bitdefender	eq	9.0

References

kb.bitdefender.com/KB261-en--Filename-Format-String-Vulnerability.html

secunia.com/advisories/16991

securityreason.com/securityalert/45

shadock.net/secubox/BitDefenderLoggingFunc.html

www.securityfocus.com/bid/14968

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.125 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2005-3154

checkpoint_advisories2 nvd1 cvelist1