7.5
CVE-2005-3182
- EPSS 4%
- Veröffentlicht 20.10.2005 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:16:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gfi ≫ Mailsecurity Version8.1 Editionexchange_smtp
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4% | 0.892 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0290.html
http://kbase.gfi.com/showarticle.asp?id=KBID002451
http://marc.info/?l=bugtraq&m=112914475508191&w=2
http://secunia.com/advisories/17136/
http://securityreason.com/securityalert/74
http://securitytracker.com/id?1015046
http://www.osvdb.org/19926
http://www.securityfocus.com/bid/15081