Lucene search

[email protected]CVE-2005-3183

HistoryOct 12, 2005 - 10:02 p.m.

CVE-2005-3183

2005-10-1222:02:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2005-3183

htboundary_put_block

w3c-libwww

denial of service

segmentation fault

out-of-bounds read

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.

Affected configurations

NVD

Node

w3clibwww

CPENameOperatorVersion
w3c:libwwww3c libwwweq*

CPE	Name	Operator	Version
w3c:libwww	w3c libwww	eq	*

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt

secunia.com/advisories/17119

secunia.com/advisories/17122

secunia.com/advisories/17489

secunia.com/advisories/17814

secunia.com/advisories/19193

secunia.com/advisories/25098

www.mandriva.com/security/advisories?name=MDKSA-2005:210

www.redhat.com/support/errata/RHSA-2007-0208.html

www.securityfocus.com/advisories/9444

www.securityfocus.com/advisories/9445

www.securityfocus.com/bid/15035

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159597

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9653

usn.ubuntu.com/220-1/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

Related for CVE-2005-3183

oraclelinux1 ubuntu1 nessus9 nvd1 redhat1 cvelist1 centos1 ubuntucve1 freebsd1