SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2004-0110

Date: (C)2004-03-15 (M)2024-02-09

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:

http://marc.info/?l=bugtraq&m=107851606605420&w=2

http://marc.info/?l=bugtraq&m=107860178228804&w=2

SUSE-SR:2005:001

http://www.xmlsoft.org/news.html

libxml2-nanoftp-bo(15302)

libxml2-nanohttp-bo(15301)

oval:org.mitre.oval:def:11626

oval:org.mitre.oval:def:833

oval:org.mitre.oval:def:875

cpe:/a:xmlsoft:libxml2:2.5.10
cpe:/a:xmlsoft:libxml2:2.5.11
cpe:/a:xmlsoft:libxml2:2.4.23
cpe:/a:xmlsoft:libxml2:2.6.5
...

oval:org.secpod.oval:def:102058
oval:org.secpod.oval:def:101770

© SecPod Technologies