Lucene search

[email protected]NVD:CVE-2004-1034

HistoryMar 01, 2005 - 5:00 a.m.

CVE-2004-1034

2005-03-0105:00:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.3%

JSON

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.

Affected configurations

NVD

Node

kaffeinekaffeine_playerMatch0.4.2

kaffeinekaffeine_playerMatch0.4.3

kaffeinekaffeine_playerMatch0.4.3b

kaffeinekaffeine_playerMatch0.5_rc1

xinegxineMatch0.3

Node

gentoolinux

References

lists.grok.org.uk/pipermail/full-disclosure/2004-October/028061.html

secunia.com/advisories/13117/

security.gentoo.org/glsa/glsa-200411-14.xml

sourceforge.net/tracker/index.php?func=detail&aid=1060299&group_id=9655&atid=109655

www.securityfocus.com/bid/11528

exchange.xforce.ibmcloud.com/vulnerabilities/17849

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.3%

JSON

Related for NVD:CVE-2004-1034

cve1 openvas2 cvelist1 debiancve1 nessus1 gentoo1