Lucene search
MitreCVE-2005-4438HistoryDec 21, 2005 - 1:03 a.m.
CVE-2005-4438
2005-12-2101:03:00
mitre
web.nvd.nist.gov
27
symantec
antivirus
dec2rar.dll
buffer overflow
cve-2005-4438
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
Low
EPSS
0.358
Percentile
97.2%
Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field.
Affected configurations
Node
dec2rar.dlldec2rar.dllMatch3.2.14.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dec2rar.dll | dec2rar.dll | 3.2.14.3 | cpe:2.3:a:dec2rar.dll:dec2rar.dll:3.2.14.3:*:*:*:*:*:*:* |
Related
symantec
symantec
Symantec AntiVirus Decomposition Buffer Overflow
2005-12-21 08:00:00
Symantec pcAnywhere Denial of Service
2005-11-29 08:00:00
cvelist
cvelist
CVE-2005-4438
2005-12-21 01:00:00
checkpoint_advisories
checkpoint_advisories
Symantec AntiVirus RAR Archive Decompression Buffer Overflow (CVE-2005-4438)
2009-10-06 00:00:00
cert
cert
Symantec RAR decompression library contains multiple heap overflows
2005-12-21 00:00:00
nvd
nvd
CVE-2005-4438
2005-12-21 01:03:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
Low
EPSS
0.358
Percentile
97.2%
Related for CVE-2005-4438