7.5

CVE-2005-0706

Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GripGrip Version2.9.6
GripGrip Version3.1.2
GripGrip Version3.1.4
GripGrip Version3.2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.62% 0.905
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html
http://secunia.com/advisories/32803
http://secunia.com/advisories/33389
http://secunia.com/advisories/33824
http://security.gentoo.org/glsa/glsa-200503-21.xml
Patch
http://sourceforge.net/tracker/index.php?func=detail&aid=1160134&group_id=3714&atid=303714
http://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-304.html
http://www.redhat.com/support/errata/RHSA-2009-0005.html
http://www.securityfocus.com/bid/12770
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152919
https://exchange.xforce.ibmcloud.com/vulnerabilities/19648
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10768
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00429.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00490.html
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00188.html