{"id": "OSVDB:4975", "bulletinFamily": "software", "title": "Panda ActiveScan Control Internacional Heap Overflow", "description": "## Vulnerability Description\nA remote overflow exists in Panda ActiveScan Control \"Internacional\" Property version 5.0. The Panda ActiveScan Control improperly checks the bounds of the Internacional property resulting in a heap overflow. With a specially crafted request, an attacker can cause the service to stop responding and or execute arbitrary code on the targeted host.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nA remote overflow exists in Panda ActiveScan Control \"Internacional\" Property version 5.0. The Panda ActiveScan Control improperly checks the bounds of the Internacional property resulting in a heap overflow. With a specially crafted request, an attacker can cause the service to stop responding and or execute arbitrary code on the targeted host.\n## References:\n[Secunia Advisory ID:11312](https://secuniaresearch.flexerasoftware.com/advisories/11312/)\nOther Advisory URL: http://theinsider.deep-ice.com/texts/advisory53.txt\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-04/0053.html\nISS X-Force ID: 15764\n[CVE-2004-1904](https://vulners.com/cve/CVE-2004-1904)\nBugtraq ID: 10065\n", "published": "2004-04-01T08:14:15", "modified": "2004-04-01T08:14:15", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:4975", "reporter": "Rafel Ivgi(the_insider@mail.com)", "references": [], "cvelist": ["CVE-2004-1904"], "type": "osvdb", "lastseen": "2017-04-28T13:19:59", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "7e6d24e5f582e81a85206858f0c430f1"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "727f37c9de3850944f1f33dcfa1e4bf6"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "0fc93987fbfbd65767e7b2b6663d0c7a"}, {"key": "href", "hash": "d46506d3be2ca88b72cf469cd4d1b3e2"}, {"key": "modified", "hash": "a0804b26646f15d763130aebb3b42503"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "a0804b26646f15d763130aebb3b42503"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "05a15278b911ba615abe90b2b601f908"}, {"key": "title", "hash": "64c1fa18f2356143ec68ebfcee93a6b9"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "hash": "924cda578507feae8375d196343f9829d87ec67eb375db63b72f439343e1fe28", "viewCount": 0, "objectVersion": "1.2", "affectedSoftware": [{"name": "ActiveScan", "operator": "eq", "version": "5.0"}], "enchantments": {"vulnersScore": 7.5}}

{"result": {"cve": [{"id": "CVE-2004-1904", "type": "cve", "title": "CVE-2004-1904", "description": "Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string.", "published": "2004-12-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1904", "cvelist": ["CVE-2004-1904"], "lastseen": "2017-07-11T11:14:38"}], "exploitdb": [{"id": "EDB-ID:23917", "type": "exploitdb", "title": "Panda ActiveScan 5.0 ASControl.DLL Remote Heap Overflow Vulnerability", "description": "Panda ActiveScan 5.0 ASControl.DLL Remote Heap Overflow Vulnerability. CVE-2004-1904 . Dos exploit for windows platform", "published": "2004-04-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/23917/", "cvelist": ["CVE-2004-1904"], "lastseen": "2016-02-02T22:06:00"}]}}