Lucene search

[email protected]CVE-2004-1763

HistoryMar 10, 2005 - 5:00 a.m.

CVE-2004-1763

2005-03-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1763

buffer overflow

hahtsite

scenario server

denial of service

remote attackers

arbitrary code

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

High

0.078 Low

EPSS

Percentile

94.2%

JSON

Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name.

Affected configurations

NVD

Node

haht_commercehahtsite_scenario_serverMatch5.1

haht_commercehahtsite_scenario_serverMatch5.1_patch_1

haht_commercehahtsite_scenario_serverMatch5.1_patch_2

haht_commercehahtsite_scenario_serverMatch5.1_patch_3

haht_commercehahtsite_scenario_serverMatch5.1_patch_4

haht_commercehahtsite_scenario_serverMatch5.1_patch_5

haht_commercehahtsite_scenario_serverMatch5.1_patch_6

CPENameOperatorVersion
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1_patch_1
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1_patch_2
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1_patch_3
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1_patch_4
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1_patch_5
haht_commerce:hahtsite_scenario_serverhaht commerce hahtsite scenario servereq5.1_patch_6

CPE	Name	Operator	Version
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1_patch_1
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1_patch_2
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1_patch_3
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1_patch_4
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1_patch_5
haht_commerce:hahtsite_scenario_server	haht commerce hahtsite scenario server	eq	5.1_patch_6

References

marc.info/?l=full-disclosure&m=108091662105032&w=2

secunia.com/advisories/11288

www.kb.cert.org/vuls/id/705958

www.protego.dk/advisories/200405.html

www.securityfocus.com/bid/10033

exchange.xforce.ibmcloud.com/vulnerabilities/15717

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.4 High

AI Score

Confidence

High

0.078 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2004-1763

cvelist1 nvd1