10
CVE-2005-2758
- EPSS 13.44%
- Veröffentlicht 05.10.2005 19:02:00
- Zuletzt bearbeitet 16.06.2026 22:15:37
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Antivirus Scan Engine Version4.0
Symantec ≫ Antivirus Scan Engine Version4.0 Editionbluecoat
Symantec ≫ Antivirus Scan Engine Version4.0 Editionclearswift
Symantec ≫ Antivirus Scan Engine Version4.0 Editionnetapp_filer
Symantec ≫ Antivirus Scan Engine Version4.0 Editionnetapp_netcache
Symantec ≫ Antivirus Scan Engine Version4.3
Symantec ≫ Antivirus Scan Engine Version4.3 Editioncaching
Symantec ≫ Antivirus Scan Engine Version4.3 Editionclearswift
Symantec ≫ Antivirus Scan Engine Version4.3 Editionmicrosoft_sharepoint
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.44% | 0.959 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/17049
http://securityreason.com/securityalert/48
http://securitytracker.com/id?1015001
http://www.idefense.com/application/poi/display?id=314&type=vulnerabilities
http://www.kb.cert.org/vuls/id/849209
http://www.osvdb.org/19854
http://www.securityfocus.com/bid/15001
http://www.symantec.com/avcenter/security/Content/2005.10.04.html
http://www.vupen.com/english/advisories/2005/1954
https://exchange.xforce.ibmcloud.com/vulnerabilities/22519