CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0193

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.322

EPSS Ranking 96.5%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2004-0193

Iss » Blackice Agent Server » Version: 3.6eca

cpe:2.3:a:iss:blackice_agent_server:3.6eca
Iss » Blackice Pc Protection » Version: 3.6cbd

cpe:2.3:a:iss:blackice_pc_protection:3.6cbd
Iss » Blackice Server Protection » Version: 3.6cbz

cpe:2.3:a:iss:blackice_server_protection:3.6cbz
Iss » Realsecure Desktop » Version: 3.6eca

cpe:2.3:a:iss:realsecure_desktop:3.6eca
Iss » Realsecure Desktop » Version: 3.6ecf

cpe:2.3:a:iss:realsecure_desktop:3.6ecf
Iss » Realsecure Desktop » Version: 7.0ebg

cpe:2.3:a:iss:realsecure_desktop:7.0ebg
Iss » Realsecure Desktop » Version: 7.0epk

cpe:2.3:a:iss:realsecure_desktop:7.0epk
Iss » Realsecure Guard » Version: 3.6ecb

cpe:2.3:a:iss:realsecure_guard:3.6ecb
Iss » Realsecure Network » Version: 7.0

cpe:2.3:a:iss:realsecure_network:7.0
Iss » Realsecure Sentry » Version: 3.6ecf

cpe:2.3:a:iss:realsecure_sentry:3.6ecf
Iss » Realsecure Server Sensor » Version: 7.0

cpe:2.3:a:iss:realsecure_server_sensor:7.0
Iss » Proventia A Series Xpu » Version: 20.15

cpe:2.3:h:iss:proventia_a_series_xpu:20.15
Iss » Proventia G Series Xpu » Version: 22.3

cpe:2.3:h:iss:proventia_g_series_xpu:22.3
Iss » Proventia M Series Xpu » Version: 1.30

cpe:2.3:h:iss:proventia_m_series_xpu:1.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0193

Products

Pricing

Contact Us