7.5

CVE-2004-0398

Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WebdavCadaver Version < 0.22.0
WebdavNeon Version <= 0.24.5
DebianDebian Linux Version3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.02% 0.911
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://bugzilla.fedora.us/show_bug.cgi?id=1552
Broken Link
http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html
Broken Link
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000841
Broken Link
http://marc.info/?l=bugtraq&m=108498433632333&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=108500057108022&w=2
Third Party Advisory
http://secunia.com/advisories/11638
Third Party Advisory
http://secunia.com/advisories/11650
Third Party Advisory
http://secunia.com/advisories/11673
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200405-13.xml
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200405-15.xml
Third Party Advisory
http://www.ciac.org/ciac/bulletins/o-148.shtml
Broken Link
http://www.debian.org/security/2004/dsa-506
Third Party Advisory
http://www.debian.org/security/2004/dsa-507
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2004:049
Third Party Advisory
http://www.osvdb.org/6302
Broken Link
http://www.redhat.com/support/errata/RHSA-2004-191.html
Third Party Advisory
http://www.securityfocus.com/bid/10385
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/16192
Third Party Advisory
VDB Entry