CVE-2005-1857
Published Sep 2, 2005
Last updated 7 years ago
Overview
- Description
- Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply.
- Source
- security@debian.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:simpleproxy:simpleproxy:2.2b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B86D31EB-EDD0-4160-8ED6-FD68CAEA10E7"
},
{
"criteria": "cpe:2.3:a:simpleproxy:simpleproxy:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6266431-B372-46D5-BCBC-D65F795966EE"
},
{
"criteria": "cpe:2.3:a:simpleproxy:simpleproxy:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "254BE71A-1B14-48BC-A114-D32F699599E8"
},
{
"criteria": "cpe:2.3:a:simpleproxy:simpleproxy:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99ECA1AE-919D-4E3C-B6AB-E9A74BDCF379"
}
],
"operator": "OR"
}
]
}
]