6.8

CVE-2004-0179

Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WebdavNeon Version >= 0.19.0 < 0.24.5
   ApacheOpenoffice
   ApacheSubversion
   WebdavCadaver
DebianDebian Linux Version3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.06% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc
Broken Link
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html
Broken Link
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html
Broken Link
http://marc.info/?l=bugtraq&m=108213873203477&w=2
Third Party Advisory
Issue Tracking
http://marc.info/?l=bugtraq&m=108214147022626&w=2
Third Party Advisory
Issue Tracking
http://secunia.com/advisories/11363
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200405-01.xml
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200405-04.xml
Third Party Advisory
http://www.debian.org/security/2004/dsa-487
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2004:032
Third Party Advisory
http://www.osvdb.org/5365
Broken Link
http://www.redhat.com/support/errata/RHSA-2004-157.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2004-158.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2004-159.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2004-160.html
Third Party Advisory
http://www.securityfocus.com/bid/10136
Third Party Advisory
VDB Entry
https://bugzilla.fedora.us/show_bug.cgi?id=1552
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913
Third Party Advisory