Vulnerability Details CVE-2005-0523
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.099
EPSS Ranking 95.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://deicide.siyahsapka.org/exploits/proz_ex2.c
- http://www.debian.org/security/2005/dsa-719
- http://www.securiteam.com/exploits/5WP082KEUW.html
- http://www.securityfocus.com/bid/12635
- http://deicide.siyahsapka.org/exploits/proz_ex2.c
- http://www.debian.org/security/2005/dsa-719
- http://www.securiteam.com/exploits/5WP082KEUW.html
- http://www.securityfocus.com/bid/12635
Products affected by CVE-2005-0523
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.0
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.1
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.2
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.3
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.4
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.1
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.2
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.6