Lucene search

MitreCVE-2005-4846

HistoryJun 20, 2007 - 10:00 p.m.

CVE-2005-4846

2007-06-2022:00:00

CWE-20

mitre

web.nvd.nist.gov

cve-2005-4846

format string vulnerability

spey 0.3.3

logger.cc

denial of service

arbitrary code execution

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call.

Affected configurations

Nvd

Node

speyspeyMatch0.3.3

VendorProductVersionCPE
speyspey0.3.3cpe:2.3:a:spey:spey:0.3.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
spey	spey	0.3.3	cpe:2.3:a:spey:spey:0.3.3:::::::*

References

sourceforge.net/forum/forum.php?forum_id=514029

spey.cvs.sourceforge.net/spey/spey/src/Logger.cc?r1=1.5&r2=1.6

spey.cvs.sourceforge.net/spey/spey/src/Logger.cc?view=log

www.osvdb.org/21327

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Related for CVE-2005-4846