7.5

CVE-2005-3182

EPSS 6.29%
Veröffentlicht 20.10.2005 10:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests.  NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gfi ≫ Mailsecurity Version8.1 Editionexchange_smtp

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	6.29%	0.9

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0290.html

http://kbase.gfi.com/showarticle.asp?id=KBID002451

Patch

http://marc.info/?l=bugtraq&m=112914475508191&w=2

http://secunia.com/advisories/17136/

Patch

Vendor Advisory

http://securityreason.com/securityalert/74

http://securitytracker.com/id?1015046

http://www.osvdb.org/19926

http://www.securityfocus.com/bid/15081

Patch

https://nvd.nist.gov/vuln/detail/CVE-2005-3182

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3182

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3182

EUVD