Lucene search

[email protected]NVD:CVE-2005-4846

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4846

2005-12-3105:00:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call.

Affected configurations

Nvd

Node

speyspeyMatch0.3.3

VendorProductVersionCPE
speyspey0.3.3cpe:2.3:a:spey:spey:0.3.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
spey	spey	0.3.3	cpe:2.3:a:spey:spey:0.3.3:::::::*

References

sourceforge.net/forum/forum.php?forum_id=514029

spey.cvs.sourceforge.net/spey/spey/src/Logger.cc?r1=1.5&r2=1.6

spey.cvs.sourceforge.net/spey/spey/src/Logger.cc?view=log

www.osvdb.org/21327

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Related for NVD:CVE-2005-4846

cvelist2 cve2 nvd1