5.4
CVE-2005-3899
- EPSS 0.82%
- Veröffentlicht 29.11.2005 21:03:00
- Zuletzt bearbeitet 16.06.2026 22:17:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.82% | 0.523 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 4.9 | 6.9 |
AV:N/AC:H/Au:N/C:N/I:N/A:C
|
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038969.html
http://marc.info/?l=bugtraq&m=113278119300162&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/23180