CVE-2005-4085

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

bluecoat

winproxy

proxyav

buffer overflow

remote code execution

cve-2005-4085

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.578 Medium

EPSS

Percentile

97.7%

JSON

Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

CPENameOperatorVersion
bluecoat:webproxybluecoat webproxyeq5.0
bluecoat:webproxybluecoat webproxyeq4.0
bluecoat:webproxybluecoat webproxyeq5.2
bluecoat:webproxybluecoat webproxyeq5.1
bluecoat:webproxybluecoat webproxyeq6.0
bluecoat:proxyavbluecoat proxyaveq*

CPE	Name	Operator	Version
bluecoat:webproxy	bluecoat webproxy	eq	5.0
bluecoat:webproxy	bluecoat webproxy	eq	4.0
bluecoat:webproxy	bluecoat webproxy	eq	5.2
bluecoat:webproxy	bluecoat webproxy	eq	5.1
bluecoat:webproxy	bluecoat webproxy	eq	6.0
bluecoat:proxyav	bluecoat proxyav	eq	*