CVE-2004-2086

2005-05-1904:00:00

mitre

web.nvd.nist.gov

cve-2004-2086

buffer overflow

sambar server

denial of service

remote code execution

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

8.2

Confidence

High

EPSS

0.3

Percentile

97.0%

JSON

Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter.

Affected configurations

Nvd

Node

sambarsambar_serverMatch6.0

sambarsambar_serverMatch6.0beta3

VendorProductVersionCPE
sambarsambar_server6.0cpe:2.3:a:sambar:sambar_server:6.0:*:*:*:*:*:*:*
sambarsambar_server6.0cpe:2.3:a:sambar:sambar_server:6.0:beta3:*:*:*:*:*:*