Vulnerability Details : CVE-2005-3284
Potential exploit
Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives.
Vulnerability category: XML external entity (XXE) injectionExecute code
Products affected by CVE-2005-3284
- cpe:2.3:a:ahnlab:v3net:6.0.0.457:*:win_server:*:*:*:*:*
- cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.457:*:*:*:*:*:*:*
- cpe:2.3:a:ahnlab:myv3:1.3.11.15:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3284
13.39%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-3284
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-3284
-
http://global.ahnlab.com/security/security_advisory002.html
Vendor Advisory
-
http://www.securityfocus.com/bid/15091
-
http://securityreason.com/securityalert/80
-
http://secunia.com/advisories/16851
Patch;Vendor Advisory
-
http://www.osvdb.org/19955
-
http://www.securityfocus.com/archive/1/413260
-
http://secunia.com/secunia_research/2005-48/advisory/
Exploit;Vendor Advisory
Jump to