Vulnerability Details : CVE-2005-4472
Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2005-4472
- cpe:2.3:a:macromedia:jrun:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:jrun:4.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:macromedia:jrun:4.0:sp1a:*:*:*:*:*:*
- cpe:2.3:a:macromedia:jrun:4.0_build_61650:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-4472
9.67%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-4472
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-4472
-
http://www.macromedia.com/devnet/security/security_zone/mpsb05-13.html
Patch;Vendor Advisory
-
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=360
Vendor Advisory
-
http://www.vupen.com/english/advisories/2005/2949
-
http://securitytracker.com/id?1015370
Patch
-
http://www.securityfocus.com/bid/15905
-
http://securityreason.com/securityalert/283
-
http://www.securityfocus.com/bid/16026
Jump to