10
CVE-2005-2758
- EPSS 22.57%
- Veröffentlicht 05.10.2005 19:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Antivirus Scan Engine Version4.0
Symantec ≫ Antivirus Scan Engine Version4.0 Editionbluecoat
Symantec ≫ Antivirus Scan Engine Version4.0 Editionclearswift
Symantec ≫ Antivirus Scan Engine Version4.0 Editionnetapp_filer
Symantec ≫ Antivirus Scan Engine Version4.0 Editionnetapp_netcache
Symantec ≫ Antivirus Scan Engine Version4.3
Symantec ≫ Antivirus Scan Engine Version4.3 Editioncaching
Symantec ≫ Antivirus Scan Engine Version4.3 Editionclearswift
Symantec ≫ Antivirus Scan Engine Version4.3 Editionmicrosoft_sharepoint
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 22.57% | 0.955 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|