CVE-2005-3284

Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://global.ahnlab.com/security/security_advisory002.html	Vendor Advisory
http://secunia.com/advisories/16851	Patch Vendor Advisory
http://secunia.com/secunia_research/2005-48/advisory/	Exploit Vendor Advisory
http://securityreason.com/securityalert/80
http://www.osvdb.org/19955
http://www.securityfocus.com/archive/1/413260
http://www.securityfocus.com/bid/15091

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ahnlab:myv3:1.3.11.15:::::::*
	cpe:2.3:a:ahnlab:v3net:6.0.0.457::win_server:::::
	cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.457:::::::*

History

No history.

Information

Published : 2005-10-23 10:02

Updated : 2024-02-28 10:42

NVD link : CVE-2005-3284

Mitre link : CVE-2005-3284

CVE.ORG link : CVE-2005-3284

JSON object : View

Products Affected

ahnlab

myv3
v3pro_2004
v3net

CWE

NVD-CWE-Other

{"id": "CVE-2005-3284", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-10-23T10:02:00.000", "references": [{"url": "http://global.ahnlab.com/security/security_advisory002.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/16851", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/secunia_research/2005-48/advisory/", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/80", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/19955", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/413260", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15091", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives."}], "lastModified": "2008-09-05T20:53:57.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ahnlab:myv3:1.3.11.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "412750A7-B6FC-4A36-8B30-AFDEA73F7226"}, {"criteria": "cpe:2.3:a:ahnlab:v3net:6.0.0.457:*:win_server:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A6C1BB9-003E-4E75-B10C-DF5D3C59A7C0"}, {"criteria": "cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.457:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2012E656-26A8-4C2D-BA9F-32075D456DD4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}