Vulnerability Details : CVE-2005-0249
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
Vulnerability category: OverflowExecute code
Products affected by CVE-2005-0249
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*
- cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:aix:*:*:*:*:*
- cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:os_400:*:*:*:*:*
- cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-0249
10.60%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-0249
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-0249
-
http://xforce.iss.net/xforce/alerts/id/187
Patch;Vendor Advisory
-
http://www.kb.cert.org/vuls/id/107822
Patch;Third Party Advisory;US Government Resource
-
http://securitytracker.com/id?1013133
Third Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/18869
Symantec AntiVirus Library UPX parsing buffer overflow CVE-2005-0249 Vulnerability ReportVDB Entry
-
http://www.symantec.com/avcenter/security/Content/2005.02.08.html
Patch;Vendor Advisory
Jump to