Vulnerability Details CVE-2005-0188
Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=109710974324742&w=2
- http://marc.info/?l=bugtraq&m=110616363415176&w=2
- http://www.ngssoftware.com/advisories/athoc-01full.txt
- http://www.securityfocus.com/bid/11341
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17628
- http://marc.info/?l=bugtraq&m=109710974324742&w=2
- http://marc.info/?l=bugtraq&m=110616363415176&w=2
- http://www.ngssoftware.com/advisories/athoc-01full.txt
- http://www.securityfocus.com/bid/11341
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17628
Products affected by CVE-2005-0188
-
cpe:2.3:a:athoc:athoc_toolbar:*