6.8
CVE-2004-0179
- EPSS 11.06%
- Veröffentlicht 01.06.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.06% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-134 Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html
http://marc.info/?l=bugtraq&m=108213873203477&w=2
http://marc.info/?l=bugtraq&m=108214147022626&w=2
http://secunia.com/advisories/11363
http://security.gentoo.org/glsa/glsa-200405-01.xml
http://security.gentoo.org/glsa/glsa-200405-04.xml
http://www.debian.org/security/2004/dsa-487
http://www.mandriva.com/security/advisories?name=MDKSA-2004:032
http://www.osvdb.org/5365
http://www.redhat.com/support/errata/RHSA-2004-157.html
http://www.redhat.com/support/errata/RHSA-2004-158.html
http://www.redhat.com/support/errata/RHSA-2004-159.html
http://www.redhat.com/support/errata/RHSA-2004-160.html
http://www.securityfocus.com/bid/10136
https://bugzilla.fedora.us/show_bug.cgi?id=1552
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913