Lucene search

[email protected]CVE-2005-3486

HistoryNov 03, 2005 - 10:02 p.m.

CVE-2005-3486

2005-11-0322:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

scorched 3d

vulnerabilities

remote code execution

format string

nvd

cve-2005-3486

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.143 Low

EPSS

Percentile

95.7%

JSON

Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors.

CPENameOperatorVersion
scorched_3d:scorched_3dscorched 3deq39.1

CPE	Name	Operator	Version
scorched_3d:scorched_3d	scorched 3d	eq	39.1

References

aluigi.altervista.org/adv/scorchbugs-adv.txt

marc.info/?l=full-disclosure&m=113095941031946&w=2

secunia.com/advisories/17423

www.gentoo.org/security/en/glsa/glsa-200511-12.xml

www.securityfocus.com/bid/15292

www.vupen.com/english/advisories/2005/2288

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.143 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2005-3486

debiancve1 ubuntucve1 cvelist1 openvas2 nessus1 gentoo1