CVE-2005-2758

2005-10-0519:02:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.016

Percentile

87.7%

JSON

Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.

Affected configurations

Nvd

Node

symantecantivirus_scan_engineMatch4.0

symantecantivirus_scan_engineMatch4.0bluecoat

symantecantivirus_scan_engineMatch4.0clearswift

symantecantivirus_scan_engineMatch4.0netapp_filer

symantecantivirus_scan_engineMatch4.0netapp_netcache

symantecantivirus_scan_engineMatch4.3

symantecantivirus_scan_engineMatch4.3caching

symantecantivirus_scan_engineMatch4.3clearswift

symantecantivirus_scan_engineMatch4.3microsoft_sharepoint

symantecantivirus_scan_engine_for_network_attached_storageMatch4.3

VendorProductVersionCPE
symantecantivirus_scan_engine4.0cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
symantecantivirus_scan_engine4.0cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:bluecoat:*:*:*:*:*
symantecantivirus_scan_engine4.0cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*
symantecantivirus_scan_engine4.0cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:netapp_filer:*:*:*:*:*
symantecantivirus_scan_engine4.0cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:netapp_netcache:*:*:*:*:*
symantecantivirus_scan_engine4.3cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
symantecantivirus_scan_engine4.3cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*
symantecantivirus_scan_engine4.3cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*
symantecantivirus_scan_engine4.3cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*
symantecantivirus_scan_engine_for_network_attached_storage4.3cpe:2.3:a:symantec:antivirus_scan_engine_for_network_attached_storage:4.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	antivirus_scan_engine	4.0	cpe:2.3:a:symantec:antivirus_scan_engine:4.0:::::::*
symantec	antivirus_scan_engine	4.0	cpe:2.3:a:symantec:antivirus_scan_engine:4.0::bluecoat:::::
symantec	antivirus_scan_engine	4.0	cpe:2.3:a:symantec:antivirus_scan_engine:4.0::clearswift:::::
symantec	antivirus_scan_engine	4.0	cpe:2.3:a:symantec:antivirus_scan_engine:4.0::netapp_filer:::::
symantec	antivirus_scan_engine	4.0	cpe:2.3:a:symantec:antivirus_scan_engine:4.0::netapp_netcache:::::
symantec	antivirus_scan_engine	4.3	cpe:2.3:a:symantec:antivirus_scan_engine:4.3:::::::*
symantec	antivirus_scan_engine	4.3	cpe:2.3:a:symantec:antivirus_scan_engine:4.3::caching:::::
symantec	antivirus_scan_engine	4.3	cpe:2.3:a:symantec:antivirus_scan_engine:4.3::clearswift:::::
symantec	antivirus_scan_engine	4.3	cpe:2.3:a:symantec:antivirus_scan_engine:4.3::microsoft_sharepoint:::::
symantec	antivirus_scan_engine_for_network_attached_storage	4.3	cpe:2.3:a:symantec:antivirus_scan_engine_for_network_attached_storage:4.3:::::::*