CVE-2004-0362

Critical

Description

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15543

https://exchange.xforce.ibmcloud.com/vulnerabilities/15442

http://xforce.iss.net/xforce/alerts/id/166

http://www.osvdb.org/4355

http://www.kb.cert.org/vuls/id/947254

http://www.eeye.com/html/Research/Advisories/AD20040318.html

http://www.ciac.org/ciac/bulletins/o-104.shtml

http://secunia.com/advisories/11073

http://marc.info/?l=bugtraq&m=107965651712378&w=2

Details

Source: Mitre, NVD

Published: 2004-04-15

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical