7.5

CVE-2004-0362

Exploit

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IssBlackice Agent Server Version3.6ebz
IssBlackice Agent Server Version3.6eca
IssBlackice Agent Server Version3.6ecb
IssBlackice Agent Server Version3.6ecc
IssBlackice Agent Server Version3.6ecd
IssBlackice Agent Server Version3.6ece
IssBlackice Agent Server Version3.6ecf
IssBlackice Pc Protection Version3.6cbz
IssBlackice Pc Protection Version3.6cca
IssBlackice Pc Protection Version3.6ccb
IssBlackice Pc Protection Version3.6ccc
IssBlackice Pc Protection Version3.6ccd
IssBlackice Pc Protection Version3.6cce
IssBlackice Pc Protection Version3.6ccf
IssBlackice Server Protection Version3.6cbz
IssBlackice Server Protection Version3.6cca
IssBlackice Server Protection Version3.6ccb
IssBlackice Server Protection Version3.6ccc
IssBlackice Server Protection Version3.6ccd
IssBlackice Server Protection Version3.6cce
IssBlackice Server Protection Version3.6ccf
IssRealsecure Desktop Version3.6ebz
IssRealsecure Desktop Version3.6eca
IssRealsecure Desktop Version3.6ecb
IssRealsecure Desktop Version3.6ecd
IssRealsecure Desktop Version3.6ece
IssRealsecure Desktop Version3.6ecf
IssRealsecure Desktop Version7.0eba
IssRealsecure Desktop Version7.0ebf
IssRealsecure Desktop Version7.0ebg
IssRealsecure Desktop Version7.0ebh
IssRealsecure Desktop Version7.0ebj
IssRealsecure Desktop Version7.0ebk
IssRealsecure Desktop Version7.0ebl
IssRealsecure Guard Version3.6ebz
IssRealsecure Guard Version3.6eca
IssRealsecure Guard Version3.6ecb
IssRealsecure Guard Version3.6ecc
IssRealsecure Guard Version3.6ecd
IssRealsecure Guard Version3.6ece
IssRealsecure Guard Version3.6ecf
IssRealsecure Network Sensor Version7.0 Updatexpu_20.11
IssRealsecure Network Sensor Version7.0 Updatexpu_22.10
IssRealsecure Network Sensor Version7.0 Updatexpu_22.4
IssRealsecure Network Sensor Version7.0 Updatexpu_22.9
IssRealsecure Sentry Version3.6ebz
IssRealsecure Sentry Version3.6eca
IssRealsecure Sentry Version3.6ecb
IssRealsecure Sentry Version3.6ecc
IssRealsecure Sentry Version3.6ecd
IssRealsecure Sentry Version3.6ece
IssRealsecure Sentry Version3.6ecf
IssRealsecure Server Sensor Version6.0 Editionwindows
IssRealsecure Server Sensor Version6.0.1 Editionwindows
IssRealsecure Server Sensor Version6.0.1_win_sr1.1
IssRealsecure Server Sensor Version6.5 Editionwindows
IssRealsecure Server Sensor Version6.5 Updatesr3.2 Editionwindows
IssRealsecure Server Sensor Version6.5 Updatesr3.3 Editionwindows
IssRealsecure Server Sensor Version6.5_win_sr3.1
IssRealsecure Server Sensor Version6.5_win_sr3.4
IssRealsecure Server Sensor Version6.5_win_sr3.5
IssRealsecure Server Sensor Version6.5_win_sr3.6
IssRealsecure Server Sensor Version6.5_win_sr3.7
IssRealsecure Server Sensor Version6.5_win_sr3.8
IssRealsecure Server Sensor Version6.5_win_sr3.9
IssRealsecure Server Sensor Version6.5_win_sr3.10
IssRealsecure Server Sensor Version7.0 Updatexpu22.1
IssRealsecure Server Sensor Version7.0 Updatexpu22.10
IssRealsecure Server Sensor Version7.0 Updatexpu22.11
IssRealsecure Server Sensor Version7.0 Updatexpu22.2
IssRealsecure Server Sensor Version7.0 Updatexpu22.3
IssRealsecure Server Sensor Version7.0 Updatexpu22.4
IssRealsecure Server Sensor Version7.0 Updatexpu22.5
IssRealsecure Server Sensor Version7.0 Updatexpu22.6
IssRealsecure Server Sensor Version7.0 Updatexpu22.7
IssRealsecure Server Sensor Version7.0 Updatexpu22.8
IssRealsecure Server Sensor Version7.0 Updatexpu22.9
IssProventia A Series Xpu Version20.11
IssProventia A Series Xpu Version22.1
IssProventia A Series Xpu Version22.2
IssProventia A Series Xpu Version22.3
IssProventia A Series Xpu Version22.4
IssProventia A Series Xpu Version22.5
IssProventia A Series Xpu Version22.6
IssProventia A Series Xpu Version22.7
IssProventia A Series Xpu Version22.8
IssProventia A Series Xpu Version22.9
IssProventia A Series Xpu Version22.10
IssProventia G Series Xpu Version22.1
IssProventia G Series Xpu Version22.2
IssProventia G Series Xpu Version22.3
IssProventia G Series Xpu Version22.4
IssProventia G Series Xpu Version22.5
IssProventia G Series Xpu Version22.6
IssProventia G Series Xpu Version22.7
IssProventia G Series Xpu Version22.8
IssProventia G Series Xpu Version22.9
IssProventia G Series Xpu Version22.10
IssProventia G Series Xpu Version22.11
IssProventia M Series Xpu Version1.1
IssProventia M Series Xpu Version1.2
IssProventia M Series Xpu Version1.3
IssProventia M Series Xpu Version1.4
IssProventia M Series Xpu Version1.5
IssProventia M Series Xpu Version1.6
IssProventia M Series Xpu Version1.7
IssProventia M Series Xpu Version1.8
IssProventia M Series Xpu Version1.9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 83.4% 0.992
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
http://www.kb.cert.org/vuls/id/947254
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/9913
Patch
Vendor Advisory
Exploit