CVE-2004-0179

{"id": "CVE-2004-0179", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2004-06-01T04:00:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=108213873203477&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=108214147022626&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/11363", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200405-01.xml", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200405-04.xml", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2004/dsa-487", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:032", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/5365", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-157.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-158.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-159.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-160.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/10136", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=108213873203477&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=108214147022626&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/11363", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-200405-01.xml", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-200405-04.xml", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2004/dsa-487", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:032", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/5365", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-157.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-158.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-159.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-160.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/10136", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-134"}]}], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code."}, {"lang": "es", "value": "Multiples vulenerabilidades de cadena de formato en (1) neon 0.24.4 y anteriores, y otros productos que usan neon incluyendo (2) Cadaver, (3) Subversion, o (4) OpenOffice, permite a servidores remotos WebDAV maliciosos ejecutar c\u00f3digo arbitrario."}], "lastModified": "2024-11-20T23:47:56.563", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:webdav:neon:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA2849E5-AB29-42FB-9FCA-58232AD2212F", "versionEndExcluding": "0.24.5", "versionStartIncluding": "0.19.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FCCAF014-CA2E-4079-971A-FEC7E2D7D7A2"}, {"criteria": "cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B974D6F-2565-43DA-86F3-59D976DF7F07"}, {"criteria": "cpe:2.3:a:webdav:cadaver:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD1C27C4-0DFD-4FC5-AC73-26637F80CC7C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}