Lucene search

PRIOn knowledge basePRION:CVE-2006-0559

HistoryApr 04, 2006 - 2:04 p.m.

Format string

2006-04-0414:04:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.776 High

EPSS

Percentile

98.1%

JSON

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

CPENameOperatorVersion
webshield_smtple4.5

CPE	Name	Operator	Version
	webshield_smtp	le	4.5

References

secunia.com/advisories/19491

securityreason.com/securityalert/671

securitytracker.com/id?1015861

www.osvdb.org/24366

www.securityfocus.com/archive/1/429812/100/0/threaded

www.securityfocus.com/bid/16742

www.vupen.com/english/advisories/2006/1219

exchange.xforce.ibmcloud.com/vulnerabilities/25621

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.776 High

EPSS

Percentile

98.1%

JSON

Related for PRION:CVE-2006-0559