Lucene search

[email protected]NVD:CVE-2004-1303

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1303

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to execute arbitrary code via crafted HTTP responses.

Affected configurations

Nvd

Node

yanfyanfMatch0.4

VendorProductVersionCPE
yanfyanf0.4cpe:2.3:a:yanf:yanf:0.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
yanf	yanf	0.4	cpe:2.3:a:yanf:yanf:0.4:::::::*

References

tigger.uic.edu/~jlongs2/holes/yanf.txt

exchange.xforce.ibmcloud.com/vulnerabilities/18615

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Related for NVD:CVE-2004-1303

cve1 cvelist1 exploitdb1